DDanchev BlogThis tool deserves our attention mostly because of its do-it-yourself (DIY) nature, just like the many other related ones I discussed before. Custom error messages, two options for to kill or restore MSN after the password is obtained, and custom FTP settings to upload the accounting data. Why did they choose FTP compared to email as the leak point for the data? From my perspective uploading the accounting data on an FTP server means compatibility from the perspective of easily obtaining the accounting data to be used as foundation for another MSN spreading malware or spim, compared to accessing it from an email account.
.....according to some publicly obtainable stats, IM spreading malware in general has been declining for the past two years, but how come? It's because of their broken and bit outdated social engineering model, namely the lack of messages localization, abuse of public events as windows of opportunities, and the lack of any kind of segmentation. One-to-many may be logical from an efficiency point of view, but it's like embedding a single exploit on hundreds of thousands of sites compared to a set of exploits, or a set of techniques like in this case.
This forum is for related Instant Messaging threats for all IM clients
1 post • Page 1 of 1
- Site Admin
- Posts: 15995
- Joined: Fri Jan 28, 2005 5:16 pm
- Area Of Expertise: Security
- experience: I know the functions, OS settings, registry tweaks and more
- PC time: What else is there in life?
- Location: PHX, AZ
Users browsing this forum: No registered users and 1 guest