If you receive a e-Mail alert of a new patch for your Windows XP OS, think again before opening the link present on the message.
The spammed emails, which purport to come from firstname.lastname@example.org, claim that a vulnerability has been found ‘in the Microsoft WinLogon Service’ and could ‘allow a hacker to gain access to an unpatched computer’.
The link on the e-Mail will redirect to a non-Microsoft site where you will download a trojan named BeastPWS-C, “which is capable of spying on the infected user and stealing passwords.”
When first installed the Trojan horse displays a bogus message, which reads: ‘Microsoft WinLogon Service successfully patched’. In actual fact, the malware is secretly logging keystrokes and sending them to an email address belonging to the hacker.
Well, I wouldn’t mind receiving this ‘Microsoft’ e-Mail and mail-bomb that looser’s e-Mail address (yeah, the good old mail-bomb attack still works).
For future reference, people need to remember that Microsoft doesn’t send hotfixes using attachments and not to deploy this patch on their WSUS servers.
Recent in Malware:
- CrowdRE – Crowdsourced Reverse Engineering Service From CrowdStrike
- Sophos Offers Free Android Antivirus App
- Android Malware App Covertly Makes Purchases On China Mobile Market
- New Spyware Blackmails Users Into Purchasing Software
- Microsoft Preps Windows Security Fix for Patch Tuesday
- Microsoft Breaks Patch Cycle to Issue IE Patch
Most Read in Malware:
- Nasty Trojan Zeus Evades Antivirus Software - 77,206 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,299 views
- US considers banning DRM rootkits – Sony BMG - 44,904 views