Tool for Hacking Facebook Accounts Contains Remtasu Spyware


You should be safe if you're not trying to hack into someone else's Facebook account (using the Hack Facebook app)



Not surprisingly, a tool advertised as an app to hack into Facebook accounts contains Remtasu, a well-known piece of spyware that collects your information and uploads it to a remote server under the attacker's control.


First observed almost four years ago, Remtasu is a malware family specialized in discovering, collecting, and stealing user information.
Remtasu, which can be categorized as spyware, can log keystrokes, steal data from the clipboard, save the information to local files, and later upload it to a remote FTP server.
Remtasu now hides inside a Facebook hacking tool
This malware's most recent variant, Win32/Remtasu.Y, has been observed since the beginning of the year employing a new trick to infect computers.
While previous variants used spam email and weaponized Microsoft Office files to infect computers, Win32/Remtasu.Y took an entirely different approach, hiding inside the executable of an app named Hack Facebook.
This app isn't spread using spam email, since it will raise alarm bells to anyone receiving it out of the blue, but is hosted on direct download websites from where users download it themselves, after seeing advertising for its capabilities.
Since people can't help but be curious about what other people are doing on their Facebook accounts, the malware quickly became the most popular Remtasu variant on the market in only a few weeks after first being detected.
Most recent Remtasu infections were recorded in Latin America
ESET reports that most users infected with this tool are living in Colombia (65%), followed by Thailand (6%), Mexico (3%), and Peru (2%).
Additionally, this new variant also employs a classic boot persistence trick, by copying itself to the Windows System32 folder under a generic name (InstallDir), and then creating a registry key that launches the Remtasu process every time the user starts their computer.
A solid antivirus solution should help you detect Remtasu whenever you feel like hacking someone else's Facebook account.
Share on Google Plus

About Admin

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.
    Blogger Comment

0 comments:

Post a Comment