Wednesday, 7 January 2015

New Variant of Emotet Malware - "Microsoft Warns of Malware That Steals Passwords"

Microsoft has warned its users about malware that steals passwords for various programs and login details for online banking. The Emotet malware is distributed via a spam campaign aimed primarily at German Internet users, although 2.3% of the infections were observed in the Netherlands. The email contains a link to a zip file with a known deposit of the bank.

In reality, the zip file contains an .exe file that is malware. Once active, Emotet tries to steal login details for several German banks. In addition, the passwords for Eudora, Google Desktop, Google Talk, IncrediMail, Mozilla Thunderbird, MSN or Windows Live Messenger, Netscape 6 and Netscape 7, Outlook 2000, Outlook 2002 and Outlook Express, Windows Mail and Windows Live Mail, and Yahoo! Messenger are sent back to the attackers.

The linked website can serve a .zip file containing an executable whose long file name hides its .exe extension, such as:

  • de_0000239029_rechnung_scan_hp_28_0000000904_page_2_10_01_05_id_00291002098.exe
  • E-Card_zu_Weichnachten_scan_foto_2834792347_12_2014_21093812_000129_001_004_002910.exe
  • Informationen_Kontobewegung_dezember_2014_de_20_8139_237_90109238_000129_000028_05.exe
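A defensive check for the naming trick described above, as an added example that is not part of the original post: it lists archive members that are executables (by extension or `MZ` header) and whose names are longer than an assumed display width. The function names, the extension set, the 40-character threshold and the placeholder file contents are assumptions; the three long file names are the ones quoted in the post.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed values for this example, not taken from the post.
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}
MAX_VISIBLE = 40  # assumed width at which a file list truncates names

def find_masked_executables(zip_bytes, max_visible=MAX_VISIBLE):
    """Return [(name, length, has_mz_header)] for archive members that are
    executables with a name long enough to push the extension out of view."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = PurePosixPath(info.filename).name
            ext = PurePosixPath(name).suffix.lower()
            with zf.open(info) as member:
                has_mz = member.read(2) == b"MZ"  # PE files start with "MZ"
            is_executable = ext in EXEC_EXTS or has_mz
            if is_executable and len(name) > max_visible:
                hits.append((name, len(name), has_mz))
    return hits

def build_sample_zip():
    """Constructed test archive: names from the post, harmless placeholder bytes."""
    members = {
        "de_0000239029_rechnung_scan_hp_28_0000000904_page_2_10_01_05_id_00291002098.exe": b"MZ placeholder",
        "E-Card_zu_Weichnachten_scan_foto_2834792347_12_2014_21093812_000129_001_004_002910.exe": b"MZ placeholder",
        "Informationen_Kontobewegung_dezember_2014_de_20_8139_237_90109238_000129_000028_05.exe": b"MZ placeholder",
        "setup.exe": b"MZ placeholder",  # executable, but the name is short
        "Rechnung_dezember_2014_kontoauszug_seite_1_von_2_scan.pdf": b"%PDF-1.4",  # long, not executable
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()

if __name__ == "__main__":
    for name, length, has_mz in find_masked_executables(build_sample_zip()):
        print(f"{length:3d} chars  mz={has_mz}  {name}")
```
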

According to the software giant, the malware shows that it is important to keep security software up to date. Users of Microsoft's security software are advised to share data with the Microsoft Active Protection Service Community (MAPS).
