Flattr this!

“Doctor Web” fixed network mass mailing through which attackers infect a user’s computer with a Trojan that can steal passwords from many applications.


Experts report that users have started to receive letters from malicious trojan from 26 to 27 December. The message contains information about the need to pay a certain bill, in addition the e-mail includes a zip-archive.

Researchers note that the letters of spam contains lots of errors. “The archive is an executable file, and the expansion of a malicious application (. Exe) is separated from the name of a large number of points in order to hide it in Windows Explorer. A similar way to “hide” the true file extension is used by hackers for many years and is considered as very trivial “- said Doctor Web.

Trojan contained in the newsletter, was created by the designer tools to steal passwords UFR Stealer, freely distributed on hacker forums since at least 2010.

“Obtained by a malicious application designer can steal passwords from most popular browsers, mail clients, FTP-client, instant messaging and other applications (eg, games, World of Tanks), and send the data via FTP to a remote server or by e-mail, “- according to the report by Doctor Web.

According to data provided by the company, the virus is able to infect several hundred machines.