Fake App Sends You and Your PC on Memento Mori Trip
"Adieu, adieu, adieu! Remember me." If you’ve ever dreamt of being somewhat like the Ghost in Shakespeare’s Hamlet, here’s your chance, delivered by e-mail: a nice Facebook app that promises to help you share a message with your loved ones after you die.
Too morbid to work as a bait? Wouldn’t rush to that conclusion as, surprisingly (to some) this idea has already been exploited by the creators of an “If I die” legitimate app:
Whether you’ve heard about the real thing or not, let’s say the e-mail catches you in a melancholic mood and you give in to the temptation. Once you click the embedded link, you will be asked to download an .exe file. Do so and you will be signing the death certificate of your computer’s security. Cause of death: keylogger and backdoor combo infection.
The file is, actually, a dot net which drops three encrypted executables, one with the actual payload. Its portfolio of malicious skills includes, among other things: using its botkiller component to kill other bots installed on the same machine, using a keylogger component to steal passwords and other important info the user might type in, installing a backdoor component to receive commands from a remote source, and even taking Webcam snapshots.
This nasty bug will send various reports to its creators: a keylogger report, an image report (your webcam snapshots), a passwords report (various passwords it caught), an e-mail report (your e-mail passwords) and a Steam report (containing the passwords to any account the user may have created on Steam, a very popular online gaming platform). In order to steal the Steam login credentials, it drops the following image:
As always, be careful what you download onto your computer and where you download it from. Make sure you scan files before actually accessing them and always install and update a comprehensive internet security suite to keep your computer out of e-trouble.
Click wisely and safely!
This article is based on the information provided courtesy of Sabina Datcu, Bitdefender Online Threats Analyst and of Doina Cosovan, BitDefender Virus Analyst.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.