The spyware keylogger, named Srv.SSA-KeyLogger, secretly steals data from users’ Internet sessions, including logins and passwords from online banking sessions, eBay, PayPal, and other programs that use html forms to collect personal information. It is a new variant of existing Trojans known by a variety of names, including Troj/Dumaru-BD, Troj/Dumaru-ALTroj/Dumaru-BO, BackDoor-CCT.gen, and Backdoor.Nibu.L.
Note that all of the infections we have observed of this keylogger are on older unpatched Windows XP systems, underscoring the need to have Windows XP SP 2 installed. To protect users from this harmful keylogger, new definitions have been added to SunbeltвЂ™s spyware threat database that powers both CounterSpy and CounterSpy Enterprise. All current customers will receive the latest definition updates.
Make sure the definitions of CounterSpy Consumer are updated to version 261 (and 256 for CounterSpy 1.0.29) by clicking on File, Check for updates and test your PC for this new spyware.
Visit the SSA-KeyLogger cleaning page (Version 21.00, updated Nov 7) to download a free utility to detect and remove the SSA-KeyLogger spyware.
If your PC is infected, and Srv.SSA-KeyLogger shows up as quarantined by CounterSpy, that means your personal information has been compromised. Make sure to warn any financial institution (Banks, PayPal, eBay, stock broker, etc) you have checked via this PC and change your passwords for these accounts immediately!