{"id":469,"date":"2007-03-16T08:39:26","date_gmt":"2007-03-16T08:39:26","guid":{"rendered":"https:\/\/www.darknet.org.uk\/2007\/03\/msn-password-stealing-trojan-becomes-public\/"},"modified":"2010-06-18T09:23:23","modified_gmt":"2010-06-18T08:23:23","slug":"msn-password-stealing-trojan-becomes-public","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2007\/03\/msn-password-stealing-trojan-becomes-public\/","title":{"rendered":"MSN Password Stealing Trojan Becomes Public"},"content":{"rendered":"
<\/p>\n
Ah another trojan, this time targeting MSN Live logins for. The trojan has been made public by some kind citizen calling himself “Our Godfather” on the BitTorrent network.<\/p>\n
The sad thing is…I guess it works and hundreds of people will have installed it.<\/p>\n
Malware designed to steal users’ Windows Live Messenger password has been released onto the net. The password stealer was released for download via BitTorrent earlier this week by a hacker using the handle “Our Godfather”.<\/p>\n
The malware comes in the form of an IMB download confirmed by anti-virus firm Sophos as containing a password-stealing Trojan horse. Victims would need to be tricked into downloading and executing the malware, which might be renamed in a bid to disguise its identity, in order for the exploit to work.<\/p><\/blockquote>\n
It works a bit like the common phishing schemes, but it uses actual software to emulate the MSN Messenger login screen rather than a web-page.<\/p>\n
“It displays a fake Windows Live Messenger Login Screen and prompts for login details. Username and password are captured and stored in C:\\pas.txt,” explained Sophos senior technology consultant Graham Cluley.<\/p>\n
Sophos has named the malware as MSNfake-M<\/a> and added protection against the code to its security software packages. Other anti-virus firms can be expected to follow suit.<\/p><\/blockquote>\n
Another reason to use Sophos I guess, they are always ahead of the curve on this stuff.<\/p>\n
<\/p>\n