Fake Microsoft Patch – BeastPWS-C

The New Acunetix V12 Engine


If you receive a e-Mail alert of a new patch for your Windows XP OS, think again before opening the link present on the message.

The spammed emails, which purport to come from patch@microsoft.com, claim that a vulnerability has been found ‘in the Microsoft WinLogon Service’ and could ‘allow a hacker to gain access to an unpatched computer’.

The link on the e-Mail will redirect to a non-Microsoft site where you will download a trojan named BeastPWS-C, “which is capable of spying on the infected user and stealing passwords.”

When first installed the Trojan horse displays a bogus message, which reads: ‘Microsoft WinLogon Service successfully patched’. In actual fact, the malware is secretly logging keystrokes and sending them to an email address belonging to the hacker.

Well, I wouldn’t mind receiving this ‘Microsoft’ e-Mail and mail-bomb that looser’s e-Mail address (yeah, the good old mail-bomb attack still works).

For future reference, people need to remember that Microsoft doesn’t send hotfixes using attachments and not to deploy this patch on their WSUS servers.

Source: NHS

Posted in: Malware, Windows Hacking

, , , ,


Latest Posts:


Intercepter-NG - Android App For Hacking Intercepter-NG – Android App For Hacking
Intercepter-NG is a multi functional network toolkit including an Android app for hacking, the main purpose is to recover interesting data from the network stream and perform different kinds of MiTM attacks.
dcipher - Online Hash Cracking Using Rainbow & Lookup Tables dcipher – Online Hash Cracking Using Rainbow & Lookup Tables
dcipher is a JavaScript-based online hash cracking tool to decipher hashes using online rainbow & lookup table attack services.
HTTP Security Considerations - An Introduction To HTTP Basics HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it.
Cangibrina - Admin Dashboard Finder Tool Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists etc.
Enumall - Subdomain Discovery Using Recon-ng & AltDNS Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.
RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.


Comments are closed.