PASSTEAL

By Domesticus in Trojans

PASSTEAL is a password-stealing malware infection that has appeared in recent attacks on file sharing websites. PASSTEAL is characterized by its use of password recovery tools to extract stored passwords from web browsers and web browser applications. Malware analysts have detected various fake key or serial number generators on file sharing websites. These kinds of applications are used to generate serial numbers or registration keys for illegally copied applications (usually games or high-end office and design software). Criminals seem to be targeting computer users in these communities by releasing malware disguised as these commonly traded programs. This is not a particularly novel idea. ESG security researchers consider file sharing networks to be particularly unsafe in this regard. In fact, the Zeus Trojan (easily the most popular password stealer and banking Trojan) has been detected for years on file sharing websites, often disguised as fake movie files or key generators.

While most password-stealing software uses keyloggers (components that track the keys pressed on the victim's keyboard) or components that take advantage of an unsecured connection, PASSTEAL is more dangerous because it cannot be bypassed by using different typing methods or by using a secure connection to access particular websites. PASSTEAL steals passwords directly from your web browser. Previous versions of this malware infection made use of 'PasswordFox,' a password recovery application. PASSTEAL uses 'WebBrowserPassView' to steal passwords from the victim's web browser and can target the most commonly used web browsers, including the four most popular: Google Chrome, Internet Explorer, Safari and Mozilla Firefox in their most used versions. Once PASSTEAL steals the victim's passwords, it stores this information in an XML file and connects to a remote FTP server to deliver this data to a third party.
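The behaviour described above (an XML file written, then an FTP connection from the same process) can be hunted for in endpoint telemetry. The following is an added example, not code from ESG or from the original article; the event field names, paths, process names and addresses are constructed assumptions, with event IDs modelled on Sysmon (11 = file create, 3 = network connection).

```python
from collections import defaultdict

# Constructed sample telemetry, not real logs. Field names are assumptions,
# modelled on Sysmon event IDs: 11 = file create, 3 = network connection.
SAMPLE_EVENTS = [
    # Downloaded "keygen" writes an XML file, then opens FTP: should be flagged.
    {"t": 100, "id": 11, "pid": 4120, "image": r"C:\Users\a\Downloads\keygen.exe",
     "target": r"C:\Users\a\AppData\Local\Temp\out.XML"},
    {"t": 130, "id": 3, "pid": 4120, "image": r"C:\Users\a\Downloads\keygen.exe",
     "dest_ip": "203.0.113.7", "dest_port": 21},
    # FTP client with no preceding XML write: not flagged.
    {"t": 200, "id": 3, "pid": 5000, "image": r"C:\Tools\ftpclient.exe",
     "dest_ip": "198.51.100.9", "dest_port": 21},
    # XML write with no FTP connection: not flagged.
    {"t": 300, "id": 11, "pid": 6000, "image": r"C:\Apps\editor.exe",
     "target": r"C:\Users\a\Documents\notes.xml"},
    # XML write and FTP more than window_s apart: not flagged by default.
    {"t": 900, "id": 11, "pid": 7000, "image": r"C:\Apps\backup.exe",
     "target": r"C:\Backup\manifest.xml"},
    {"t": 5000, "id": 3, "pid": 7000, "image": r"C:\Apps\backup.exe",
     "dest_ip": "198.51.100.20", "dest_port": 21},
]

def find_xml_then_ftp(events, window_s=300, ftp_port=21):
    """Return one hit per FTP connection made by a process that created
    an .xml file in the preceding window_s seconds."""
    xml_writes = defaultdict(list)  # (pid, image) -> [(time, path)]
    hits = []
    for ev in sorted(events, key=lambda e: e["t"]):
        key = (ev["pid"], ev["image"].lower())  # image guards against PID reuse
        if ev["id"] == 11 and ev["target"].lower().endswith(".xml"):
            xml_writes[key].append((ev["t"], ev["target"]))
        elif ev["id"] == 3 and ev.get("dest_port") == ftp_port:
            recent = [p for t, p in xml_writes[key] if ev["t"] - t <= window_s]
            if recent:
                hits.append({"pid": ev["pid"], "image": ev["image"],
                             "dest_ip": ev["dest_ip"], "xml_files": recent})
    return hits

if __name__ == "__main__":
    for hit in find_xml_then_ftp(SAMPLE_EVENTS):
        print(hit)
```

The check keys on the default FTP control port, so a server listening on a non-standard port would need protocol-level detection instead.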

ESG malware researchers strongly advise computer users to stay away from file sharing networks, particularly torrent networks. PASSTEAL is commonly disguised as a key generator or as a fake eBook. However, it is possible that criminals may start disguising PASSTEAL as other popular file downloads. Common ways in which criminals disguise these kinds of files in malicious torrents are as fake video codecs or as compressed RAR or ZIP archives. Apart from staying away from these kinds of websites, it is also important to use a reliable, fully updated anti-malware program to protect your computer at all times.
