If you receive a e-Mail alert of a new patch for your Windows XP OS, think again before opening the link present on the message.
The spammed emails, which purport to come from email@example.com, claim that a vulnerability has been found ‘in the Microsoft WinLogon Service’ and could ‘allow a hacker to gain access to an unpatched computer’.
The link on the e-Mail will redirect to a non-Microsoft site where you will download a trojan named BeastPWS-C, “which is capable of spying on the infected user and stealing passwords.”
When first installed the Trojan horse displays a bogus message, which reads: ‘Microsoft WinLogon Service successfully patched’. In actual fact, the malware is secretly logging keystrokes and sending them to an email address belonging to the hacker.
Well, I wouldn’t mind receiving this ‘Microsoft’ e-Mail and mail-bomb that looser’s e-Mail address (yeah, the good old mail-bomb attack still works).
For future reference, people need to remember that Microsoft doesn’t send hotfixes using attachments and not to deploy this patch on their WSUS servers.
- ParanoiDF – PDF Analysis & Password Cracking Tool
- Windows Registry Infecting Malware Has NO Files
- FakeNet – Windows Network Simulation Tool For Malware Analysis
- New Spyware Blackmails Users Into Purchasing Software
- Microsoft Preps Windows Security Fix for Patch Tuesday
- Microsoft Breaks Patch Cycle to Issue IE Patch
Most Read in Malware:
- Nasty Trojan Zeus Evades Antivirus Software - 77,299 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,447 views
- US considers banning DRM rootkits – Sony BMG - 44,926 views