The FBI is investigating.
According to blog postings by Sunbelt Software President Alex
Eckelberry, the ring was discovered by researcher Patrick Jordan,
an expert on CoolWebSearch (CWS) – a keylogger program that
downloads itself onto computers and then collects information about
an individual or organisation without their knowledge.
Jordan was investigating a particular CWS exploit when he
discovered that the machine he was infecting with the spyware
became a spam zombie. He also noticed a call back to a remote
server, which he traced, only to find the ID theft ring.
According to Eckelberry, the scale of the information being
collected by the ring is "unimaginable". All sorts of data are
being uploaded, from bank account details to names, passwords and
social security numbers.
“There are thousands of machines pinging back daily. There is a
keylogger file that grows and grows, and then is zipped off and
then the cycle continues again,” says the posting. “The server is
in the US, but the domain is registered to an offshore entity.”
