DIY Fake MSN Client Stealing Passwords

This forum is for related Instant Messaging threats for all IM clients

Moderators: Admin Team, Moderators

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

DIY Fake MSN Client Stealing Passwords

Postby TeMerc » Thu Jan 17, 2008 12:58 pm

This tool deserves our attention mostly because of its do-it-yourself (DIY) nature, just like the many other related ones I discussed before. Custom error messages, two options for to kill or restore MSN after the password is obtained, and custom FTP settings to upload the accounting data. Why did they choose FTP compared to email as the leak point for the data? From my perspective uploading the accounting data on an FTP server means compatibility from the perspective of easily obtaining the accounting data to be used as foundation for another MSN spreading malware or spim, compared to accessing it from an email account.


.....according to some publicly obtainable stats, IM spreading malware in general has been declining for the past two years, but how come? It's because of their broken and bit outdated social engineering model, namely the lack of messages localization, abuse of public events as windows of opportunities, and the lack of any kind of segmentation. One-to-many may be logical from an efficiency point of view, but it's like embedding a single exploit on hundreds of thousands of sites compared to a set of exploits, or a set of techniques like in this case.
0-= DDanchev Blog
Image

Return to “IM Threat Center”

Who is online

Users browsing this forum: No registered users and 1 guest