01 May 2010

A mass mail invitation to a suspicious "do-it-yourself" account hacking tool puts Windows Live Messenger users at risk.

The first step of this data harvesting scheme is an email claiming legitimacy by making some puzzling statements: "This tool could be used by hackers to hack MSN passwords, it should not because Windows Live password hacking is illegal!" It's allegedly intended for "... the use of owners to hack their own MSN accounts ..." and for "forensic scientists". And the final reference to HackMsn.exe's validity is its use for situations in which you are "... able to login without having to enter your password".

The promised tool is supposed to be downloaded using the link embedded in the message. This is where HackMsn.exe drops its mask and reveals that it's a backdoor at heart.

Identified by BitDefender as Backdoor.Bifrose.AADY, this piece of malicious code affects Windows platforms. The malware injects itself into the explorer.exe process and opens up a backdoor that allows unauthorized access to, and control over, the affected system.

Moreover, Backdoor.Bifrose.AADY attempts to read the keys and serial numbers of various pieces of software installed on the affected computer, while also logging the passwords to the victim's ICQ, Messenger, POP3 mail accounts, and protected storage.

This is not the first campaign aiming to disseminate this piece of malware. You can find out the details of another scheme it's been part of on the Malwarecity Blog.
