Bogus Steam Key Generator Masquerades as Spyware
GFI Labs the computer security company lately cautioned of one fresh Trojan spyware that circulating online pretended to be a keygen, short form of key generator, which was used while playing Steam the Internet game.
The security company stated that YouTube videos produced Internet sites, which on accessing took onto public portals that supposedly provided the "Generator.exe" keygen for download.
Communications and Research Analyst Jovi Umawing said that upon executing the file, no visible operation appeared on the user's computer-screen. Invisibly though, the Generator.exe keygen for Steam Game planted a file named 7.0.1428.crx, an extension file for Google Chrome that, however, was certain Trojan spyware harbored on theonlyone(dot)goodluckwith(dot)us. Taking the user's permission, the .crx file was subsequently planted onto Chrome, Umawing described. Help Net Security published this dated May 29, 2012.
The .crx file extension meanwhile, masqueraded as the genuine 'Avast! WebRep' browser plug-in, which's the AVAST Software security software firm's tool for rating websites. Any single person or group responsible for Avast! WebRep utilized the aforementioned approach for keeping invisible the file's malevolent operations, Umawing elaborated.
The webProtection.js sought strings associated with Internet games as well as e-mail accounts within URLs opened inside the user's browser. It waited till the user hit the "submit" button when it intercepted his username and password along with the full URL address.
The malicious file carefully watched Google as also Gameforge strings since the domain was stored while web-pages logged out inside a cookie from sites carrying those strings.
The background.js subsequently transmitted the cookie onto theonlyone(dot)goodluckwith(dot)us/request(dot)php?, and also the details regarding the Chrome version that the end-user was using.
The company concludes that meanwhile, someone has apparently crafted several YouTube profiles solely for still spreading the fake key-generator.
Related article: Bugs Swell In Browsers in 2006
» SPAMfighter News - 09-06-2012