Maplestory Phishing Warning...

| | Comments (0)
Thought I'd get this online asap, as Maplestory is a pretty popular MMORPG and this one seems to be doing the rounds so let's get down to business.

A number of leet hax forums are promoting a tool that looks like this:

maplemezosz1.jpg

As you've probably guessed, the above is sent to the victim with the promise of free stuff (in this case, up to 100 million mesos and 50k NX, which I suppose sounds very impressive).

Anyone unfortunate enough to enter their Username, Password and PIN is going to find themselves on a one way trip to Phishtown courtesy of an EMail sent in the background to the attacker. We're still trying to grab a copy of this program (wary of leeching, distribution is currently limited to direct requests from trusted members on certain forums) but some of the features are pretty interesting. Check this out:

*Vista manifest for highest permission available (asks for admin permission before starting)
*Edits the hostfile so the victim cannot go to any help sites/nexon mainsite
*Checks to see if the username & password is correct, via the official website.
*Comes with a builder.
*E-mail tester in builder

In addition, these are pretty clever things for a program like this to do:

* Encrypts your GMAIL E-Mail & Password.
*Auto kills ALL running Process explorer(s) before sending you the inputted info.
*Auto kills ALL running WireShark(s) before sending you the inputted info.

Auto killing Wireshark and process explorers? Can't say I've seen that done in a phisher like this before.

Avoid the above program like the plague...

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on September 11, 2009 10:46 AM.

Too Good To Be True? Yes was the previous entry in this blog.

Skiddy EULA is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.