Keylogging is a pretty common feature of many malware families because recording the keys pressed on a keyboard may reveal a lot of interesting information like usernames, passwords, etc. Back from SANSFIRE, I looked at my backlog of hunting results and found an interesting piece of Python malware. This one implements a keylogger and a screenshot grabber but also… a “mouse logger”! By mouse logger, I mean that it can collect activity generated by the user's mouse.
This article has been indexed from SANS Internet Storm Center, InfoCON: green