What is the BigBlueNetwork?

News Categories

Post a news story

Join other instant messaging fans in our live IRC chat room. Click here to launch our java chat, or visit irc.bigblueball.com #bigblueball

Latest News

News Feeds

Add to My Yahoo!
  Help
  Help

 Got instant messaging questions? Get answers in our forums. Sign up now for free!

Front Page > Site News & Announcements > Instant Messaging News > Windows Live Messenger News

WARNING: MSN Live Password Stealer trojan does exactly that

Posted by detn8r detn8r is offline on 01-25-2007, 06:13 PM  


Thanks graciously to the guys over at mess.be for reporting the following this afternoon:

Malware going by the name of Msn Live Password Stealer and which does exactly what its name suggests, came on the radar of anti-virus company Sophos earlier this week and was added to their virus database as Troj/Msnfake-M.

Various versions of the password stealer (up until v4) are currently being distributed via Torrents and can very easily be configured, renamed and passed on to victims. When executed, the trojan displays a fake Windows Live Messenger login prompt and any entered username and password is automatically saved into c:\pas.txt (default destination). For the next step, the hacker can decide to show an error message, just terminate the application or terminate it and launch the real client. He can retrieve the stored login details via a pre-set e-mail address.

Sophos already updated their virus definitions files and other anti-virus firms can be expected to follow suit. To protect yourself from this trojan, do not accept and execute suspicious .exe/.bat/.pif/... files. Just to give you an idea, the filesize of this particular trojan is between 1 and 1.5 megabyte.

We know rumors insinuated the official release of Windows Live Messenger 8.1 today, but be aware that hackers often trick their victims into thinking they're being sent "the latest (Beta) version" of this or that software. Only download the client via ideas.live.com, Mess.be and of course BigBlueBall.com.

>> More information: Sophos threat analysis.
Last edited by Jeff : 01-28-2007 at 12:18 PM.
Reply With Quote

View Comments   Show Printable Version   Email this Page


 

Comments

rickjames5000 says
03-23-2007, 04:49 PM
Does it apply for the new MSN
Reply With Quote
Reply

« Previous Topic | Next Topic »

LinkBacks (?)
LinkBack to this Thread: http://www.bigblueball.com/forums/windows-live-messenger-news/39328-warning-msn-live-password-stealer-trojan-does-exactly.html
Posted By For Type Date
Speedlinking - January 27th, 2007 - MSN Messenger news This thread Refback 01-27-2007 05:43 AM
Dog Training » Blog Archive » Messenger By the Millions This thread Pingback 01-27-2007 12:33 AM
Speedlinking - January 27th, 2007 at Fanatic Live This thread Pingback 01-26-2007 09:02 PM

Currently Active Users Viewing This Topic: 3 (0 members and 3 guests)
 
Topic Tools


Similar Topics
Topic Replies Last Post
MSN Messenger FAQ 17 10-27-2006 04:07 PM
Connectivity error and common error solutions 6 01-01-2006 02:03 PM
All MSN 6 News and Improvment. 7 04-16-2004 02:43 PM

 
All times are GMT -5. The time now is 04:11 PM.
Return to the BigBlueBall.com homepageHome | Contact Us | Privacy Statement | Advertise | Top
Powered by vBulletin® Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0 RC6
Content Relevant URLs by vBSEO 3.0.0 RC6
©1999 - 2008 BigBlueBall.com All rights reserved.