Home › Forums › Archives › Site News & Announcements › Instant Messaging News › Windows Live Messenger News › WARNING: MSN Live Password Stealer trojan does exactly that
- This topic has 1 reply, 2 voices, and was last updated 17 years, 1 month ago by rickjames5000.
-
AuthorPosts
-
January 25, 2007 at 11:13 pm #26248detn8rParticipant
Thanks graciously to the guys over at mess.be for reporting the following this afternoon:
Malware going by the name of Msn Live Password Stealer and which does exactly what its name suggests, came on the radar of anti-virus company Sophos earlier this week and was added to their virus database as Troj/Msnfake-M.
Various versions of the password stealer (up until v4) are currently being distributed via Torrents and can very easily be configured, renamed and passed on to victims. When executed, the trojan displays a fake Windows Live Messenger login prompt and any entered username and password is automatically saved into c:pas.txt (default destination). For the next step, the hacker can decide to show an error message, just terminate the application or terminate it and launch the real client. He can retrieve the stored login details via a pre-set e-mail address.
Sophos already updated their virus definitions files and other anti-virus firms can be expected to follow suit. To protect yourself from this trojan, do not accept and execute suspicious .exe/.bat/.pif/… files. Just to give you an idea, the filesize of this particular trojan is between 1 and 1.5 megabyte.
We know rumors insinuated the official release of Windows Live Messenger 8.1 today, but be aware that hackers often trick their victims into thinking they’re being sent “the latest (Beta) version” of this or that software. Only download the client via ideas.live.com, Mess.be and of course BigBlueBall.com.
>> More information: Sophos threat analysis.
March 23, 2007 at 8:49 pm #157390rickjames5000MemberDoes it apply for the new MSN
-
AuthorPosts
- You must be logged in to reply to this topic.