These days, malware campaigns target pretty much anything that people are likely to search for on Google (in fact, some campaigns even target seemingly random searches). One of the latest malware campaigns targets fans of the Twilight book series in anticipation of the upcoming movie New Moon.
As reported by ThreatExpert, the new Trojan (dubbed "PWS-CuteMoon" by McAfee) harvests passwords from a variety of e-mail and FTP client applications—including but not limited to Outlook, Thunderbird, Eudora, The Bat!, CuteFTP, FileZilla, and WS_FTP—and sends the stolen credentials to the malicious site newmoon-movie .net, which receives the data via the Cute News service.
PWS-CuteMoon is also detected as Trj/CI.A, Trojan-Downloader.Win32.FakeRean, TrojWare.Win32.PSW.LdPinch.Gen, and Win32/TrojanDropper.Agent.OKG, according to McAfee.
For more details, see ThreatExpert's blog post and automated analysis of the malware. See also the Web of Trust (WOT) reports for these affiliated sites:
Posts
Leaked IT contractor files detail Kremlin's stockpile of cyber-weapons
-
Snowden-esque 'Vulkan' dossier links Moscow firm to FSB, GRU, SRV
An unidentified whistleblower has provided several media organizations with
access to le...
1 hour ago
Looks like the real Halloween :(
ReplyDelete