Jump to content

Recommended Posts

Posted

79b614b6d5f3988b9564559ff8b0b2fa.png

 

Not surprisingly, a tool advertised as an app to hack into Facebook accounts contains Remtasu, a well-known piece of spyware that collects your information and uploads it to a remote server under the attacker's control.

 

First observed almost four years ago, Remtasu is a malware family specialized in discovering, collecting, and stealing user information.

 

Remtasu, which can be categorized as spyware, can log keystrokes, steal data from the clipboard, save the information to local files, and later upload it to a remote FTP server.

 

Remtasu now hides inside a Facebook hacking tool

 

This malware's most recent variant, Win32/Remtasu.Y, has been observed since the beginning of the year employing a new trick to infect computers.

 

While previous variants used spam email and weaponized Microsoft Office files to infect computers, Win32/Remtasu.Y took an entirely different approach, hiding inside the executable of an app named Hack Facebook.

 

This app isn't spread using spam email, since it will raise alarm bells to anyone receiving it out of the blue, but is hosted on direct download websites from where users download it themselves, after seeing advertising for its capabilities.

 

Since people can't help but be curious about what other people are doing on their Facebook accounts, the malware quickly became the most popular Remtasu variant on the market in only a few weeks after first being detected.

 

Most recent Remtasu infections were recorded in Latin America

 

ESET reports that most users infected with this tool are living in Colombia (65%), followed by Thailand (6%), Mexico (3%), and Peru (2%).

 

Additionally, this new variant also employs a classic boot persistence trick, by copying itself to the Windows System32 folder under a generic name (InstallDir), and then creating a registry key that launches the Remtasu process every time the user starts their computer.

 

3f8e86923983b129f2137a641171dac4.jpg

 

 

 

Source:

http://news.softpedia.com/news/tool-for-hacking-facebook-accounts-contains-remtasu-spyware-500132.shtml

76c90dd0e79a714317a8daeecc1584d2.png

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...