These days, malware campaigns target pretty much anything that people are likely to search for on Google (in fact, some campaigns even target seemingly random searches). One of the latest malware campaigns targets fans of the Twilight book series in anticipation of the upcoming movie New Moon.
As reported by ThreatExpert, the new Trojan (dubbed "PWS-CuteMoon" by McAfee) harvests passwords from a variety of e-mail and FTP client applications—including but not limited to Outlook, Thunderbird, Eudora, The Bat!, CuteFTP, FileZilla, and WS_FTP—and sends the stolen credentials to the malicious site newmoon-movie .net, which receives the data via the Cute News service.
PWS-CuteMoon is also detected as Trj/CI.A, Trojan-Downloader.Win32.FakeRean, TrojWare.Win32.PSW.LdPinch.Gen, and Win32/TrojanDropper.Agent.OKG, according to McAfee.
For more details, see ThreatExpert's blog post and automated analysis of the malware. See also the Web of Trust (WOT) reports for these affiliated sites:
Posts
Dead retailer's 'customer data' turns up on seized kit, unencrypted and very much for sale
-
Infosec bod claims he glimpsed sensitive personal info left on unwiped
servers
Servers that once belonged to defunct Canadian gadget retailer NCIX turned ...
2 hours ago
Looks like the real Halloween :(
ReplyDelete