AlienVault researchers have found a new variant of the Sykipot malware that's designed specifically to steal smart card credentials from users at the U.S. Department of Defense and other organizations.
"The new Sykipot variant appears to have been in the wild for months: Researcher Jaime Blasco found that it was first compiled in March 2011, and since then it has been spotted in dozens of attack samples," writes Dark Reading's Kelly Jackson Higgins. "Blasco says he has no information on whether the attackers were successful in pilfering DoD or other smart-card credentials, but his lab has proved that it works, so it’s likely to have been used in some hacks."
"The Sykipot attackers typically send spear-phishing emails to employees who might have access to sensitive information," Higgins writes. "In the newest variant, the malware employs a keylogger to steal PINs for the smart cards."
Go to "Sykipot Malware Now Steals Smart-Card Credentials" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.