In reality, the zip file contains an .exe file that malware. Once active Emotet tries to steal login details for several German banks. In addition, the passwords for Eudora, Google Desktop, Google Talk, IncrediMail, Mozilla Thunderbird, MSN or Windows Live Messenger, Netscape 6 and Netscape 7, Outlook 2000, Outlook 2002 and Outlook Express, Windows Mail and Windows Live Mail and Yahoo! Messenger sent back to the attackers.
The linked website can download a .zip file that contains an executable file with a long file name to hide its .exe extension such as:
- de_0000239029_rechnung_scan_hp_28_0000000904_page_2_10_01_05_id_00291002098.exe
- E-Card_zu_Weichnachten_scan_foto_2834792347_12_2014_21093812_000129_001_004_002910.exe
- Informationen_Kontobewegung_dezember_2014_de_20_8139_237_90109238_000129_000028_05.exe
According to the software giant let the malware show that it is important to keep security software up-to-date. To share in the event Microsoft's security software is used, users taking the advice to data with the Microsoft Active Protection Service Community (MAPS).
No comments:
Post a Comment