- The Ainslot.L bot scans computers and removes any other bots it finds
- It spreads in a fake email purporting to come from UK clothing company CULT
- The message is very well crafted to avoid raising suspicion
PandaLabs, the anti-malware laboratory of Panda Security –The Cloud Security Company– has reported on a new bot called Ainslot.L. This malware is designed to log user activities, download additional malware and take control of the system. Additionally, it acts as a banker Trojan, stealing log-in information related to banks. It also scans the computer looking for and removing other bots so that it becomes the only bot on the system.
“The fact that Ainslot.L removes other bots from infected systems definitely caught our attention”, explained Luis Corrons, technical director of PandaLabs. “It eliminates all competition, leaving the computer at its mercy. It reminds us of the popular ‘Highlander’ movies, – There can be only one –.”
It spreads in a fake email purporting to come from UK clothing company CULT. The message, which is very well crafted, informs users that they have placed a £200 order on CULT’s online store and the invoice amount will be charged to their credit card. The text includes a link to view the order which actually downloads the bot onto the computer.
According to Corrons, “Phishing emails are not usually so well done. There is no doubt that this time fraudsters have been very careful to try to make these messages look as real as possible to get as many bites as they can”.
More information is available in the PandaLabs Blog.
9 comments