
TSPY_PASSTEAL.B

By Domesticus in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 5
First Seen: November 29, 2012
Last Seen: December 7, 2022
OS(es) Affected: Windows

TSPY_PASSTEAL.B is one variant of the malicious PASSTEAL Trojan, a malware infection that uses password recovery tools to locate and steal passwords stored in its victims' web browsers. This particular variant is spread using social engineering tactics that convince inexperienced computer users to download and execute malicious files. TSPY_PASSTEAL.B and its variants are particularly interesting password-stealing Trojans because of the tactic they use to obtain this information. Almost all password-stealing Trojans track the victim's keystrokes and spy on activity in order to isolate and steal passwords and other sensitive data (such as credit card numbers or personal information). TSPY_PASSTEAL.B and its variants, however, steal this data directly from a web browser. TSPY_PASSTEAL.B is distributed as a fake key generator for popular programs. ESG security researchers have observed that this malware infection is being bundled along with popular programs on file sharing and torrent networks.

Judging from the social engineering tactics being used to distribute TSPY_PASSTEAL.B, this Trojan is being used to target BitTorrent users and members of the file sharing community. ESG security researchers have also observed variants of the TSPY_PASSTEAL.B Trojan being distributed as fake e-books, particularly targeting readers of popular young adult novels, a demographic that is especially vulnerable to malware attacks. The TSPY_PASSTEAL.B variant uses a password recovery utility known as WebBrowserPassView, while previous versions of PASSTEAL used a tool named PasswordFox. Using this browser utility, TSPY_PASSTEAL.B can steal data from the most popular web browsers, including different versions of Internet Explorer, Safari, Chrome and Firefox.
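As a detection-side illustration of the behaviour described above (an added example, not code from ESG or the original page), the following Python triages process-creation events for the two utilities named here. The event field names follow Sysmon's process-creation schema; the `.exe` file names, the export switches and all sample events are assumptions constructed for the example.

```python
import ntpath

# Tool names come from the page; the ".exe" file names and the export
# switches are assumptions about how the tools appear when launched.
TOOL_NAMES = {"webbrowserpassview.exe", "passwordfox.exe"}
EXPORT_SWITCHES = {"/stext", "/shtml", "/scomma", "/sxml"}
INTERACTIVE_PARENTS = {"explorer.exe"}

def base(path):
    """Lower-cased file name of a Windows path ('' if missing)."""
    return ntpath.basename(path or "").lower()

def triage(event):
    """Return reasons the event looks like browser-password harvesting."""
    image = base(event.get("Image"))
    original = (event.get("OriginalFileName") or "").lower()
    if image not in TOOL_NAMES and original not in TOOL_NAMES:
        return []
    reasons = ["password recovery tool executed"]
    if original in TOOL_NAMES and image != original:
        reasons.append("binary renamed")  # version info survives a rename
    tokens = (event.get("CommandLine") or "").lower().split()
    if EXPORT_SWITCHES.intersection(tokens):
        reasons.append("silent export to file")
    if base(event.get("ParentImage")) not in INTERACTIVE_PARENTS:
        reasons.append("launched by another program")
    return reasons

# Constructed sample events (not taken from any real incident).
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\alice\Downloads\keygen\WebBrowserPassView.exe",
     "OriginalFileName": "WebBrowserPassView.exe",
     "CommandLine": r'"C:\Users\alice\Downloads\keygen\WebBrowserPassView.exe" /stext C:\Users\alice\AppData\Local\Temp\p.txt',
     "ParentImage": r"C:\Users\alice\Downloads\keygen\keygen.exe"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\svc.exe",
     "OriginalFileName": "PasswordFox.exe",
     "CommandLine": r"C:\Users\alice\AppData\Local\Temp\svc.exe /stext out.txt",
     "ParentImage": r"C:\Users\alice\Downloads\ebook_setup.exe"},
    {"Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "OriginalFileName": "firefox.exe", "CommandLine": "firefox.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"Image": r"C:\Tools\WebBrowserPassView.exe",
     "OriginalFileName": "WebBrowserPassView.exe",
     "CommandLine": r'"C:\Tools\WebBrowserPassView.exe"',
     "ParentImage": r"C:\Windows\explorer.exe"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(base(ev["Image"]), triage(ev))
```

The fourth sample event, a user opening the tool from the desktop shell, yields only the base reason, which separates interactive use from a dropper driving the tool unattended.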

Some web browsers offer the option of encrypting your passwords in order to prevent password recovery utilities from stealing them. Normally, using different passwords for different online accounts is a good idea. This way, if a password is compromised, the damage will be limited. To avoid being exposed to the TSPY_PASSTEAL.B Trojan, ESG security researchers strongly advise against perusing file sharing networks and websites. These are a common avenue for the distribution of malware. Prior to the wave of TSPY_PASSTEAL.B attacks, ESG security researchers observed these kinds of networks being used to distribute dangerous banking Trojans such as variants of the Zeus or Zbot Trojan. It is also important to protect your computer from TSPY_PASSTEAL.B attacks by always using a reliable anti-malware scanner and keeping it fully updated at all times.
