Wednesday, 20 May 2015

Infected Version Of PuTTY Steals Passwords


Cyber criminals are spreading on the Internet an infectious variant of the popular SSH client PuTTY, which is designed to steal passwords. PuTTY is a free open source terminal emulator application as a client for SSH, Telnet, rlogin, and raw TCP protocols can serve.

The now discovered version is not on the official PuTTY download site spreads, but via a hacked another page. The infected version would have been the end of 2013 and then already been distributed over the Internet. Recently, anti-virus company Symantec observed more infections. The infection starts with a user searching through a search engine to PuTTY.

Instead of choosing the official website, the user selects a hacked website. The hacked website sends the user several times and let him finally downloading an infected version. When the user logs in via the infected version on a system, the login information can be sent to the attacker. Users also are advised to check that they only download software from the official website of the supplier or developer.

No comments:

Post a Comment