14 DAY TRIAL // While he was investigating the way in which a well known spyware, CoolWeb Search, works, one of the security experts at Sunbelt Software, has discovered that the malicious software was actually concealing an ID theft attempt. Alex Eckelberry, President of Sunbelt Software, told Computer World, that the security expert noticed that at a certain point CoolWeb Search, which tried to transform the infected system into a spam zombie, also attempted to send private information to a US server, which hosted a domain name registered in China.
Sunbelt Software tracked the path to the server, where it has discovered, by unrevealed means, a file that contained personal data, such as addresses, bank accounts, passwords for e-banking accounts, information on eBay accounts, credit cards (some of them with username, password and full address)
Eckelberry said that in two days, the file recorded data coming from 50 banks, its dimension increasing by 10-20MB at every refresh.
Being concerned over the losses that could be generated by this fraud, Sunbelt Software has decided to contact the persons and banks that appeared in the file, in order to inform them on the company's discoveries.
FBI hasn't confirmed yet the starting of an investigation. Eckelberry said that the systems which are most affected by this spyware are the computers running Windows XP without SP2 and Sunbelt Software is checking now to see whether previous Windows versions could also be affected by this code.