Online Game Password Stealers exploit 0-day DirectX vulnerability, Microsoft

Microsoft confirmed that malicious code designed to harvest online games account credentials had been detected bundled with exploits targeting the DirectShow vulnerability impacting Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003. “Users, upon visiting a specially constructed web page that invokes the vulnerable media plug-in, will encounter exploit shellcode, which further execute and download […]
Microsoft confirmed that malicious code designed to harvest online games account credentials had been detected bundled with exploits targeting the DirectShow vulnerability impacting Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003. “Users, upon visiting a specially constructed web page that invokes the vulnerable media plug-in, will encounter exploit shellcode, which further execute and download additional malware to the infected machines. Intending to bypass antimalware protection, malware binaries are encrypted in the download data stream. New dog, same old tricks. To wrap up the attack scene, under the cover of the new exploits are the old long-lived online-game password stealers: PWS:Win32/Wowsteal.AP (drops PWS:Win32/Wowsteal.AP.dll); TrojanDropper:Win32/Dozmot.C (drops PWS:Win32/Dozmot.C and VirTool:WinNT/Dozmot.A); and TrojanSpy:Win32/Lydra.AE. We recommend you revisit these security tips during your online and gaming adventures,” revealed.