If you receive a e-Mail alert of a new patch for your Windows XP OS, think again before opening the link present on the message.
The spammed emails, which purport to come from email@example.com, claim that a vulnerability has been found ‘in the Microsoft WinLogon Service’ and could ‘allow a hacker to gain access to an unpatched computer’.
The link on the e-Mail will redirect to a non-Microsoft site where you will download a trojan named BeastPWS-C, “which is capable of spying on the infected user and stealing passwords.”
When first installed the Trojan horse displays a bogus message, which reads: ‘Microsoft WinLogon Service successfully patched’. In actual fact, the malware is secretly logging keystrokes and sending them to an email address belonging to the hacker.
Well, I wouldn’t mind receiving this ‘Microsoft’ e-Mail and mail-bomb that looser’s e-Mail address (yeah, the good old mail-bomb attack still works).
For future reference, people need to remember that Microsoft doesn’t send hotfixes using attachments and not to deploy this patch on their WSUS servers.
Recent in Malware:
- Azazel – Userland Anti-debugging & Anti-detection Rootkit
- The Mask AKA Careto Espionage Malware
- Yahoo! Spread Bitcoin Mining Botnet Malware Via Ads
- New Spyware Blackmails Users Into Purchasing Software
- Microsoft Preps Windows Security Fix for Patch Tuesday
- Microsoft Breaks Patch Cycle to Issue IE Patch
Most Read in Malware:
- Nasty Trojan Zeus Evades Antivirus Software - 77,254 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,393 views
- US considers banning DRM rootkits – Sony BMG - 44,912 views