The company "Doctor Web announced mass email newsletter, which is distributed malware Trojan.PWS.UFR.3010.
As told CNews in the company, this Trojan is designed to steal passwords from many application programs.
on December 26-27, 2012, Internet users began to receive emails about paying some bills, containing the attached ZIP archive. In the message text, as a rule, it is suggested to check the Bank details of the payment order.
According to experts "Doctor Web, pay attention to several facts. "First of all, alarming archive name ([FILENAME].JPG.zip and errors in the text of the letter. Inside the archive is an executable file, with the extension of the malicious application.exe) is separated from the name by a large number of points to hide it in the "Explorer". A similar way to "hide" the true file extension is used by hackers for many years and is considered to be trivial.
However, predecessors had done its job much better: instead of the points they used a large number of spaces, so users of Windows Explorer has become very difficult to determine the true file type, said experts. - It should be noted that distributors Trojan did not even bother to replace the app icon to something neutral: apparently, the onset time for school exams does not leave sufficient time for experimentation".
According to Doctor Web, the malware, detected by anti-Dr.The Web as a Trojan.PWS.UFR.3010 created using the well-known designer tools to steal passwords UFR Stealer, freely distributed on hacker forums with at least 2010, "to Use this program any teenager who does not have even a minimal knowledge of programming.
Obtained using the designer malware is capable of stealing passwords from most popular web browsers, mail clients, FTP clients, instant messaging and other applications (such as games World of Tanks), and send the data using FTP to a remote server, or by e-mail", - stressed in the company.
Analysis of the FTP server intruders showed that a total of contamination have been at least several hundred computers, and for the last day - not less than 120 PC. In "Doctor Web recommends to avoid malware infection do not open attachments in emails from unknown sources.
Source:
here
No comments:
Post a Comment