Before few months, Heartbleed bug has shocked almost web savvy person with a serious vulnerability in OpenSSL. Spammers are now taking advantage of Heartbleed bug found in OpenSSL Library and making users victim of phishing mail. Symantec currently revealed about a Heartbleed spam campaign that scares people about Heartbleed infection on PC. A spam email states that whether users have changed their password or not they are still vulnerable to Heartbleed bug. This spam email contains Heartbleed bug removal tool to clean user’s PC from this infection.
However, many users are still unaware about the fact of Heartbleed bug and fall victim of such social engineering techniques by opening the attached file in such spam email. The email contains a subject line, “Looking for Investment Opportunities from Syria” which seems an irrelevant to Heartbleed bug.
This spam email pretends to be legitimate coming from a password management company and offers detailed guide on installation of malware removal tool. Even the guideline also shows steps if any antivirus in user PC blocks this tool. The attachment is of docx file and when a user opens the attachment, an encrypted zip file appears. After unzip the file, users will find the .exe file of Heartbleed removal tool.
After running .exe file, the tool installs a keylogger appears as a progress bar. When a progress bar completes the clean process it displays a message that the computer is clean.
The bad thing is users feel relax when they show a message that their PC is not infected but the installed keylogger take screenshots of user activity and records keystroke of users. This malware tool sends sensitive information to a free-hosted email provider.
Symantec warns users about not clicking on any Heartbleed spam email also advice users to avoid furnishing any personal information in email.
Symantec named this malware as Trojan. Dropper and Symantec even also named the downloaded file as infostealer.
Author Bio:
Jason Parms is a Marketing Manager at SSL2BUY Inc. He also loves to bring awareness about cyber crime and online security with writing and sharing different articles, press releases and blogs.