ThreatTrack Security has performed an in-depth analysis of the malware

Aug 21, 2013 19:56 GMT

ThreatTrack Security researchers have performed an in-depth analysis of a piece of malware that’s currently being distributed with the aid of bogus Bank of America notifications.

The emails, entitled “Instructions Secured E-mail.pdf,” read something like this: “I will forward the application through a secure e-mail. Attached are instructions for you to create a password to open the secure e-mail from us. Just a bit of security for when we transmit confidential information.”

The zip file that’s attached to the emails hides the malware, identified as a variant of Fareit, a Trojan designed to steal information from infected systems.

This particular version of Fareit uses a hardcoded list of passwords in an effort to gain access to accounts. It’s capable of stealing stored credentials from various applications, mostly FTP clients such as FileZilla, FTP Commander, TurboFTP, FTP Explorer, and WinFTP.

Technical details of this malware are available on ThreatTrack Security’s website.