Trojan Malware Found Stealing Facebook Passwords

By ISBuzz Team
Writer, Information Security Buzz | Feb 14, 2016 10:00 pm PST

ESET finds that the Remtasu malware, spread via piracy websites, has expanded from compromising online banking to stealing Facebook passwords.

ESET:

ESET has been tracking the cunning Remtasu malware for well over a year now. What was initially malware that mainly targeted digital certificates, in many cases those used by online banking, has now also been found snooping after people’s Facebook login details.

Win32/Remtasu is a Trojan that steals sensitive information, notably using a keylogger. The latest variant also has the specific feature of opening and obtaining information the user has in their clipboard. As well as being able to access this data, the malicious code can capture keystrokes and store all the information in a file which is subsequently sent to an FTP server, where the cybercriminals can analyse and abuse the captured victim’s data.

In the first weeks of 2016, ESET has witnessed 24 different variants of this family of malicious code being spread. Although the current malware is from the same family as the one encountered last year, the way it’s being spread is different. We are no longer seeing propagation through e-mail, but instead infecting from direct download sites (usually with pirated content). Once a user downloads and executes the infected file, their data is compromised.

ESET warns that although having security software can help in detecting malicious content that tries to download itself, as ESET detects the Win32/Remtasu family of malware, being careful about what you click on will always bring further protection against such threats.

About ESET

Since 1987, ESET® has been developing award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires.
