A new variant of SpyEye malware allows cybercriminals to monitor potential bank fraud victims by hijacking their webcams and microphones, according to security researchers from antivirus vendor Kaspersky Lab.
SpyEye is a computer Trojan horse that specifically targets online banking users. Like its older cousin, Zeus, SpyEye is no longer being developed by its original author, but is still widely used by cybercriminals in their operations.
SpyEye's plug-in-based architecture allows third-party malware developers to extend its original functionality, Kaspersky Lab malware researcher Dmitry Tarakanov said in a
blog post on Monday. This is exactly what happened with the new webcam and microphone spying feature, which is implemented as a SpyEye plug-in called flashcamcontrol.dll, Tarakanov said.
