From Vine of Life News:
Bogus “Pinterest tool” is actually a password-thieving Trojan
A phishing scam disguised as an item on your pinboard has landed on Pinterest, and could be thieving the usernames and passwords of unsuspecting pinners.
The scheme comes in the form of a pin, which, when clicked, redirects the user to a third-party site that asks you to download a “Pinterest tool.” Instead, the user downloads a browser plugin that reads the user’s password info for various websites.
Janne Ahlberg, an Internet security expert who frequently tests websites on his blog, analyzed the code for the “Pinterest Tool” and found it to be malware—specifically, an iteration of a known Trojan virus. According to Ahlberg and the F-Secure website, an Internet security testing site, the Trojan is designed to intercept “possible user name and password from visited websites and [send] them to the attacker’s server.”
Once you’ve inadvertently installed the malware, it masquerades as a regular browser extension:
But thankfully, the trick to removing it is easy: just go to your browser tools or extensions, locate the “Pinterest Tool,” and uninstall it.
The file name for the malware is Trojan.PWS.ZAQ., but Ahlberg believes there are other similar bugs around the site. One alternate version of the bug that was discovered over a year ago orders you to “install the Pinterest Tool to view this recipe. To continue, install the tool and enjoy more features of our site.”
Ahlberg recently unearthed a massive diet spam campaign spread over Twitter and Pinterest and involving hundreds of hacked websites. He advises that Pinterest users proceed with caution when accessing Pinterest, and shows them how to safely search Pinterest to see if a particular domain is infected.
Yesterday Ahlberg noted that the suspicious pins are still on the Pinterest website. But users looking to identify the culprit pins based on their addresses, however, might be thwarted: it appears the malware contains a bit of code that attaches itself to whatever normal pin a user might want to put on their site, causing it to redirect to an infected site housing the fake “tool.”
As Jason Hamilton at 404 Tech Support elaborates, the only way a casual user could tell something is off is by double-checking the URL:
In the case of these malware pins, the links went to a variety of blogspot blogs with a food blog sounding subdomain like icanhasrecipe.blogspot.com…. The url looks like icanhasrecipe.blogspot.com/?r=13498asd987149087&u=http://tasteofhome.com. Nothing [so] conspicuous that a casual user would notice something wrong.
Alhberg has identified over 20 such sites.
He expressed surprise that Pinterest has apparently done nothing to halt the spread of the virus. But even more surprising is that the version of the malicious plug-in discovered in 2012 is still there along with the newer version.
- Trojan Disguised as “Pinterest Tool” Steals Users’ Login Credentials (news.softpedia.com)
- Fake Pinterest “Password changed” email leads to malware (net-security.org)
- Bogus “Pinterest tool” is actually a password-thieving Trojan (dailydot.com)
About the author: Greg is a strong believer in Jesus Christ and is also a political analyst and author. By day he is a self-employed non-emergency medical transport driver, as well as being an author and blogger. His articles are first published on TCP News and Inspirational Christian Blogs, and from there the articles are widely published on many well-known conservative websites. If you would like to republish his articles, please feel free to do so leaving all links intact and crediting the author and the website that the article appeared on.
Greg is the author of the newly released book: Spiritual Darkness is Destroying America and the Church
Subscribe to my daily newsletter, and join hundreds of daily readers and receive news and relevant commentary.