WARNING: MSN Live Password Stealer trojan does exactly that

Thanks graciously to the guys over at mess.be for reporting the following this afternoon:

Malware going by the name of Msn Live Password Stealer and which does exactly what its name suggests, came on the radar of anti-virus company Sophos earlier this week and was added to their virus database as Troj/Msnfake-M.

Various versions of the password stealer (up until v4) are currently being distributed via Torrents and can very easily be configured, renamed and passed on to victims. When executed, the trojan displays a fake Windows Live Messenger login prompt and any entered username and password is automatically saved into c:\pas.txt (default destination). For the next step, the hacker can decide to show an error message, just terminate the application or terminate it and launch the real client. He can retrieve the stored login details via a pre-set e-mail address.

Sophos already updated their virus definitions files and other anti-virus firms can be expected to follow suit. To protect yourself from this trojan, do not accept and execute suspicious .exe/.bat/.pif/... files. Just to give you an idea, the filesize of this particular trojan is between 1 and 1.5 megabyte.

We know rumors insinuated the official release of Windows Live Messenger 8.1 today, but be aware that hackers often trick their victims into thinking they're being sent "the latest (Beta) version" of this or that software. Only download the client via ideas.live.com, Mess.be and of course BigBlueBall.com.