A Trojan in Disguise….!!!

Well, it was first the Heartbleed bug which sent the whole world scrambling and put everyone in shellshock situation. Now it’s the supposed “Heartbleed Bug Detectors” making the rounds in emails and sites which instead go and steal your info. Record Keystrokes and capture screenshots. A Trojan in Disguise…

A Trojan in Disguise...

A Trojan in Disguise…

Nearly two months have passed since news of the Heartbleed bug went public, but spammers continue to exploit fear of the now infamous OpenSSL vulnerability in order to deliver information-stealing trojans.

In a new, yet familiar spam campaign, emails that claim to come attached with a Heartbleed bug removal tool actually deliver an Infostealer trojan, according to a Symantec post, which explains that the trojan logs keystrokes and takes screenshots.

Several clues give the scam away, such as a subject line that is entirely unrelated to the remainder of the email, and how the Heartbleed bug is referred to in the body of the email as a virus that can be removed.

A month ago, researchers with Dell SecureWorks Counter Threat Unit identified a trojan, referred to as HelloBridge, which was masquerading as a Heartbleed bug testing tool.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s