Archive for the ‘Facebook.com’ Category
Welcome to Super Antivirus Blog
December 17, 2009
Malware Impersonates Classmates and Facebook Websites to Deliver Password Stealing Trojan
March 12, 2009

Websites designed to look like Classmates.com and Facebook are currently being used to distribute a password-stealing Trojan, which we detect as Trj/Spyforms.BZ. Some of you may remember the Spyforms malware family from a previous incident involving Barack Obama spam campaigns. In this most recent incident, the malicious web links are still primarily distributed via spam e-mails. Once a link is clicked, the victim is presented with a realistic-looking Classmates or Facebook website. The website contains a fake YouTube video, which prompts a dialog stating “Please Download correct Flash Movie Player! Installation: Double-click the downloaded installer. Follow the on-screen instructions!” and attempts to download a file named Adobemedia10.exe or Adobemedia11.exe.
Once installed, the Trojan intercepts network traffic to obtain FTP, ICQ, POP3, and IMAP passwords and then sends the data back to a server hosted at a Hong Kong-based ISP (HOSTFRESH). You may recall the last major malware incident involving this Hong Kong-based ISP, which was one of the providers involved in the malware distribution operation taking place inside the Atrivo/Intercage network.
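As an added example (not part of the original post), the following sketch shows how a defender could sweep web proxy logs for downloads of the installer names mentioned above and list the clients whose FTP, ICQ, POP3 and IMAP passwords should be reset. The log format, host names and IP addresses are constructed for illustration, and extending the match to other version numbers is an assumption.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Installer names from the post (Adobemedia10.exe, Adobemedia11.exe).
# Matching any digits after "Adobemedia" is an assumption made here.
LURE_NAME = re.compile(r"^adobemedia\d+\.exe$", re.IGNORECASE)

# Constructed sample log: "<timestamp> <client_ip> <method> <url> <status>"
SAMPLE_LOG = """\
2009-03-12T09:14:02Z 10.0.4.17 GET http://video-site.example/watch/Adobemedia10.exe 200
2009-03-12T09:15:40Z 10.0.4.22 GET http://www.example.org/index.html 200
2009-03-12T09:16:11Z 10.0.4.31 GET http://friends.example/dl/ADOBEMEDIA11.EXE?id=7 200
2009-03-12T09:17:55Z 10.0.4.17 GET http://video-site.example/watch/Adobemedia10.exe 200
2009-03-12T09:18:03Z 10.0.4.40 GET http://mirror.example/get/Adobemedia%311.exe 404
2009-03-12T09:19:20Z 10.0.4.22 GET http://docs.example/Adobemedia10.exe.html 200
malformed line
"""

def find_lure_downloads(log_text):
    """Return {client_ip: [(timestamp, host, filename, delivered), ...]}."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip lines that do not fit the expected format
        ts, client, _method, url, status = parts
        split = urlsplit(url)
        # Decode percent-escapes and drop the query string before matching,
        # so "Adobemedia%311.exe" and "...EXE?id=7" are still recognised.
        filename = unquote(split.path).rsplit("/", 1)[-1]
        if LURE_NAME.match(filename):
            delivered = status.startswith("2")  # 2xx: file reached the client
            hits[client].append((ts, split.hostname, filename, delivered))
    return dict(hits)

def hosts_needing_credential_reset(hits):
    """Clients that received the file; treat their stored passwords as exposed."""
    return sorted(c for c, events in hits.items() if any(e[3] for e in events))

if __name__ == "__main__":
    found = find_lure_downloads(SAMPLE_LOG)
    for client in hosts_needing_credential_reset(found):
        print(client, [e[1] for e in found[client]])
```

A successful download only shows the file reached the client, not that it was executed, so the resulting list is a starting point for endpoint checks rather than a confirmed infection list.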