BOOKMARK THIS ALERT

  digg   |     del.icio.us   |     reddit
  newsvine   |     furl   |     technorati

Habbo Hotel Trojan Keylogger

Date:02.19.2008

Threat Type: Malicious Web Site / Malicious Code

Websense® Security Labs™ has received reports of a Trojan keylogger aimed at the users of Habbo, a popular social networking site for teenagers. As of last month, Habbo’s entry on Wikipedia said that over 8 million unique visitors access Habbo’s Web sites around the world every month.

The party involved in spreading this malicious code poses as a third-party software tool developer for Habbo.

Screenshot of the Web site hosting the malicious code:



Among the “tools” available for download, which will supposedly give the Habbo user an edge in the game, is a file named ProRig.V9.exe (MD5: b80305ace7d4a01541467511df256287).

Screenshot of the site providing the download:



Unsuspecting victims who seek the touted benefits of this fake tool will instead have their own desktops compromised with spyware. Websense Security Labs recommends caution when trying out new third-party applications developed for Web 2.0 and social networking Web sites, especially those with APIs open for third-party developers.

Websense security customers are protected from this attack.