EyePyramid – Data Stealing Trojan Horse

I read a story in Naked Security recently that reported the arrest of a couple of Italian cyber-criminals who have been stealing personal information from Italian mayors, prime ministers, cardinals, and other notables since 2010.  They used a phishing exploit to install a Trojan Horse/keylogger called EyePyramid.  There were a couple of things that caught my eye.

The first is the sheer volume of data stolen – 87 gigabytes!  This information was used by the perpetrators to make stock trades on insider information.

The second thing that stuck out to me was that the data was all stored on servers in the US, specifically Salt Lake City, Utah, and Prior Lake, Minnesota.  The irony for me is I used to work for the company (Integra Telecom) with the servers in Prior Lake, so the local hook is compelling for me.

The story itself is interesting in that it illustrates a point I make in my training and speaking engagements.  All data has value, even the stuff you think no one would be interested in.  It also shows how effective a clever spearphishing campaign can be.  It also backs up another belief of mine.  People at the top, in positions of power and authority, are the WORST when it comes to computer knowledge and even a fundamental understanding of cybersecurity.  And it makes them easy targets to exploit.

So if that describes you, maybe you should show up the next time your HR or IT department brings in a cybersecurity trainer for your employees.  Hey – leading by example, isn’t that supposed to be a thing?


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
