Tool for Hacking Facebook Accounts Contains Remtasu Spyware

Exterminator

Oct 23, 2012
Not surprisingly, a tool advertised as an app to hack into Facebook accounts contains Remtasu, a well-known piece of spyware that collects your information and uploads it to a remote server under the attacker's control.

First observed almost four years ago, Remtasu is a malware family specialized in discovering, collecting, and stealing user information.

Remtasu, which can be categorized as spyware, can log keystrokes, steal data from the clipboard, save the information to local files, and later upload it to a remote FTP server.

Remtasu now hides inside a Facebook hacking tool
This malware's most recent variant, Win32/Remtasu.Y, has been observed since the beginning of the year employing a new trick to infect computers.

While previous variants used spam email and weaponized Microsoft Office files to infect computers, Win32/Remtasu.Y took an entirely different approach, hiding inside the executable of an app named Hack Facebook.

This app isn't spread using spam email, since it will raise alarm bells to anyone receiving it out of the blue, but is hosted on direct download websites from where users download it themselves, after seeing advertising for its capabilities.

Since people can't help but be curious about what other people are doing on their Facebook accounts, the malware quickly became the most popular Remtasu variant on the market in only a few weeks after first being detected.

Most recent Remtasu infections were recorded in Latin America
ESET reports that most users infected with this tool are living in Colombia (65%), followed by Thailand (6%), Mexico (3%), and Peru (2%).

Additionally, this new variant also employs a classic boot persistence trick, by copying itself to the Windows System32 folder under a generic name (InstallDir), and then creating a registry key that launches the Remtasu process every time the user starts their computer.

A solid antivirus solution should help you detect Remtasu whenever you feel like hacking someone else's Facebook account.
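
An added example, not part of the original post or of ESET's report: a defender's check for the boot persistence described above, listing autorun registry values that point at InstallDir under System32. The Run/RunOnce key locations and the sample entries are assumptions, since the article names neither the registry key nor the file.

```python
import re
try:
    import winreg  # standard library, Windows only
except ImportError:
    winreg = None

# Assumption: the article does not name the registry key, so the common
# Run/RunOnce autorun keys are checked, including the 32-bit view.
RUN_KEYS = [
    r"Software\Microsoft\Windows\CurrentVersion\Run",
    r"Software\Microsoft\Windows\CurrentVersion\RunOnce",
    r"Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run",
]
# Assumption: "InstallDir" is a file or folder name directly under System32.
# 32-bit writes to System32 on 64-bit Windows land in SysWOW64, so match both.
INSTALLDIR = re.compile(r"[\\/](system32|syswow64)[\\/]installdir\b", re.I)

# Constructed sample autorun entries (value names and file names are made up).
SAMPLE = [
    ("HKCU\\" + RUN_KEYS[0], "OneDrive", r'"C:\Users\a\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    ("HKLM\\" + RUN_KEYS[0], "SecurityHealth", r"%windir%\system32\SecurityHealthSystray.exe"),
    ("HKCU\\" + RUN_KEYS[0], "Updater", r"C:\Windows\System32\InstallDir\updater.exe"),
    ("HKLM\\" + RUN_KEYS[2], "Helper", r'"%SystemRoot%\SysWOW64\installdir\helper.exe" -s'),
]

def flag_installdir(entries):
    """Return the (location, name, command) entries that reference InstallDir."""
    return [e for e in entries if INSTALLDIR.search(e[2])]

def read_autoruns():
    """Collect Run/RunOnce values from HKLM and HKCU (empty list off Windows)."""
    entries = []
    if winreg is None:
        return entries
    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    for hive_name, hive in hives.items():
        for sub in RUN_KEYS:
            try:
                with winreg.OpenKey(hive, sub) as key:
                    for i in range(winreg.QueryInfoKey(key)[1]):
                        name, value, _ = winreg.EnumValue(key, i)
                        entries.append((f"{hive_name}\\{sub}", name, str(value)))
            except OSError:
                continue  # key absent or not readable
    return entries

if __name__ == "__main__":
    # On Windows the live registry is read; elsewhere the constructed sample is used.
    for loc, name, cmd in flag_installdir(read_autoruns() if winreg else SAMPLE):
        print(f"[!] {loc}\\{name} = {cmd}")
```

A hit is a lead for triage, not a verdict: check the referenced file's signature and hash before removing anything.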
 

Rishi

Dec 3, 2015
Problem with such tools is that there is no way to find out what the coder has hidden inside it and for what purpose unless you decompile it, mostly amateurs or really desperate people fall into such traps. These 'goodies' exploit the popular delusion that there is a 'hack' button somewhere on the web for everything.
 

VilasS

Sep 21, 2015
Hi,
Shall I get these malware files for analysis?

Thanks
Vilas
 
