Fake Lycos Screensaver Hides a Keylogger

Lycos made headlines during the past several days by distributing a screensaver designed to swamp the sites of those deemed responsible for spam with traffic, in effect giving spammers, at least the companies that bankroll them, a taste of their own medicine.





After passing the 100,000-download mark, the ‘Make Love Not Spam’ program was scrapped.





This week, F-Secure warns of emails that seemingly contain the screensaver but instead delivers a dangerous payload that piggybacks on the buzz surrounding Lycos’ controversial program. According to the company, the fake emails can be quickly identified via the following attributes:

Read more…Subject: Be the first to fight spam with Lycos screen saver


Attachment: Lycos screensaver to fight spam.zip



The malicious code, known as TrojanDropper.FakeSpamFighter, drops Perfect Keylogger components onto a victim’s PC. This makes it possible for a third party to monitor the keystrokes of an infected system, revealing user/pass combos to online accounts and exposing private information.





http://www.enterpriseitplanet.com/security/news/article.php/3445921