Call Center Falls Victim to a Keylogger

A Mumbai based call center reports that the entire company’s IT infrastructure had been compromised by a keylogger trojan. The virus was able to capture important customer data and sell it to hackers worldwide.

Not long ago, the call center had about two hundred employees and was working on USA debt consolidation process which was handling more than 300-400 confidential credentials of US customers on a daily basis. The call center had good operations for a while until the US court sent them a notice that a huge amount of money had disappeared from numerous bank accounts. that belonged to another US company. Eventually suspicion fell upon the Indian call center and an internal investigation began.

It turned out that seven months before incident, an employee had infected the whole IT infrastructure, from workstations to servers, with a keylogger Trojan that collected keystrokes from all the systems. The medium of travel for the virus was the local area network (LAN). In addition, the call center had very poor malware/virus protection at the time. Information that was collected by the Trojan consisted of the name, addresses, credit card numbers, and social security numbers. The information would then be sent to Russian and Chinese hackers through several black hackers’ forums. Moreover, the data was also sold to Nigerians who were operating a card-cloning business.

In the end, the perpetrator was caught and all the systems during this time were cleaned up, e.g., formatted, etc. Employees were on paid leave as well.