Password-Stealing Malware Passteal Distributed via File Sharing Sites

A new variant has been found to rely on WebBrowserPassView to access sensitive data

By on November 21st, 2012 14:12 GMT

Experts warn that Passteal, the piece of malware that steals sensitive information stored in web browsers by relying on password recovery tools, is being distributed through file sharing websites.

Trend Micro researchers have identified Passteal versions disguised as e-books, key generators and even bundled with installer applications.

While older variants relied on PasswordFox to gain access to sensitive browser data, a new version (TSPY_PASSTEAL.B) has been found to use WebBrowserPassView instead. This enables the attackers to steal information from Internet Explorer, Firefox, Chrome and Safari.

In order to protect themselves against such threats, users are advised to be careful what they download from file sharing or BitTorrent websites, especially since this isn’t the only malicious element that’s masqueraded as an innocent-looking application on such sites.

Also, third-party password manager applications or features such as Firefox’s “master password” are a great way to protect sensitive information against pieces of malware such as Passteal.

Comments