Keyloggers found plugged into library computers
Fears about banking credentials being harvested, following the discovery of keyloggers plugged into library computers, have been played down.
A report by the Manchester Evening News said that ‘snooping devices' were found plugged into public computers at libraries in Wilmslow. It was not known how long they had been there. Two devices were seized by library staff and are being studied by Cheshire Police's hi-tech crime unit. A third device disappeared from Wilmslow library before it could be confiscated.
Police inspector for the Wilmslow area Matt Welsted, said: “This is an example of how criminals have changed over the years to take advantage of technology and social trends. The good news is that incidents such as these are still very rare and easily prevented. If you think something is suspicious, then challenge it and tell us about it.”
However Sean Sullivan, security advisor at F-Secure Labs, said that the purpose of the keyloggers was still unknown. He said that common fears would be founded on a default reaction, as people will not know all the other ways in which keylogged information can be used.
He said: “The entire point of the keyloggers may have been to acquire Facebook/email account logins for the purpose of pushing spam. Or perhaps to scrape Facebook photo albums of teenage girls or emails looking for ‘sexting' related materials. This could also have been a blackmailing/extortion scheme and/or a means to collect material to sell on to other sites. The only way to really know for sure is to ask the police what was found on the devices.
“My second thought is that in the USA (my country of origin), a lot of folks use the public library because they cannot afford a computer. Or, the rural area in which they live doesn't offer high-speed broadband. So the library becomes a very popular place.
“I don't think it is likely that these people are doing much banking at the library, but I do know of other sensitive services that are accessed, immigration services for example. In North Carolina, you need a computer and internet access to make an appointment for immigration matters. So, there could be ID theft concerns, but I think the first case is more likely.”
David Harley, senior research fellow at ESET, also claimed that this sort of incident is probably not that uncommon and that there are common access trusted machines and networks all over the place that would be easy to misuse.
He said: “As it happens, one of the ESET presentations at the RSA Conference highlighted a couple of not-unrelated incidents: in 2007, the RSA Conference itself made available common access kiosk computers running XP with full admin privileges and no protection except a free anti-virus product; while in 2010 IBM gave out Autorun-infected USB sticks at AusCERT. Wouldn't you expect better security in those cases?”
“The real problem is that people expect someone else to protect their privacy and security in all sorts of contexts. Not everyone who makes available a common access PC or access point is responsible enough or expert enough to take adequate precautions to protect the people who use it.”