Well, it was first the Heartbleed bug which sent the whole world scrambling and put everyone in shellshock situation. Now it’s the supposed “Heartbleed Bug Detectors” making the rounds in emails and sites which instead go and steal your info. Record Keystrokes and capture screenshots. A Trojan in Disguise…
Nearly two months have passed since news of the Heartbleed bug went public, but spammers continue to exploit fear of the now infamous OpenSSL vulnerability in order to deliver information-stealing trojans.
In a new, yet familiar spam campaign, emails that claim to come attached with a Heartbleed bug removal tool actually deliver an Infostealer trojan, according to a Symantec post, which explains that the trojan logs keystrokes and takes screenshots.
Several clues give the scam away, such as a subject line that is entirely unrelated to the remainder of the email, and how the Heartbleed bug is referred to in the body of the email as a virus that can be removed.
A month ago, researchers with Dell SecureWorks Counter Threat Unit identified a trojan, referred to as HelloBridge, which was masquerading as a Heartbleed bug testing tool.