Variants of the PASSTEAL malware are propagating by masquerading as key generators for paid applications, popular e-books, and other software on file sharing services, according Alvin John Nieto, a threat response engineer at TrendMicro’s TrendLabs.
PASSTEAL, as its name suggests, is a piece of malware that uses various password recovery tools to steal passwords stored in the browsers of its victims. Nieto claims PASSTEAL is novel in its deviation from keyloggers that simply log keystrokes.
The TrendMicro report names “WebBrowserPassView” and “PasswordFox” as two of the password recovery tools that they have found bundled with PASSTEAL, but Nieto believes that those responsible for PASSTEAL could be using any number of other recovery tools as well.
Password stealing malware such as PASSTEAL is particularly dangerous for users who share passwords across various online accounts, which is one of the many reasons that password sharing is a bad idea.