Security Labs

Alerts

BOOKMARK THIS ALERT
  digg   |     del.icio.us   |     reddit
  newsvine   |     furl   |     technorati

MSN Messenger Spoof / Bancos.ju

Date:03.23.2005

Threat Type: Trojan Keylogger / Malicious Website

Websense® Security LabsTM has received reports of a spoofed email message that attempts to redirect users to a malicious website to run a Trojan Horse that steals banking passwords. The user receives a message spoofed from Microsoft. The email, which is written in Portuguese, offers a new version of the Microsoft Instant Messenger program.   Upon clicking the link, the user is redirected to a malicious website that hosts a password-stealing Keylogger. When predetermined banking websites are accessed, the Keylogger (bancos.ju) logs keystrokes and sends them to a third party.

 

The website is hosted in the United States and was up and running at the time of this alert.

 

Email screenshot: