BeastPWSC Trojan horse steals passwords from infected users
Sophos have warned of a spammed email campaign which claims to be security advice from Microsoft, but actually tries to encourage users to install a keylogger onto their computers.
The spammed emails, which have the subject line "Microsoft WinLogon Service Vulnerability Issue" and purport to come from firstname.lastname@example.org, claim that a vulnerability has been found "in the Microsoft WinLogon Service" and could "allow a hacker to gain access to an unpatched computer".
Recipients are advised to click on a link in the email to download the patch. However, the link really points to a non-Microsoft website and initiates the download of the Troj/BeastPWS-C Trojan horse, which is capable of spying on the infected user and stealing passwords. Bogus Microsoft security warning leads to malware
Back to: PC Security, privacy news