Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    In the past few weeks, Trend Micro researchers have become aware that the Russian cybercriminal underground has been overflowing with offers for a new kind of information-stealing malware. These new malware variants pose as agent programs used by Russian social networking sites, such as Odnoklasniki and Vkontakte. (Agent programs are programs used by some websites to allow users to log into their services without having to start their browser.)

    Click for larger view Click for larger view

    A group of cybercriminals interested in stealing the login credentials of the users of these target sites would provide the authors of these new fake agent programs an email address or an ICQ number where the stolen credentials would be placed. These “authors” would then be responsible for distributing their malware to users.

    Users who did download and run these fake agents would be presented with an interface similar or identical to legitimate agent programs.

    Click for larger view Click for larger view

    Upon users would attempt to enter their login credentials by using these fake agents, they would receive a message that the connection to the server has failed. In reality, the credentials have been captured and sent to the cybercriminals via the supplied email address or ICQ number. This threat is detected and removed by Trend Micro as TSPY_FKANTAKTE.A.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice