I have heard of trojans that are sent thru hotmail and other online email services and capture passwords if they are replied to. Something like that. How do they work?
with respect
Pythras
Printable View
I have heard of trojans that are sent thru hotmail and other online email services and capture passwords if they are replied to. Something like that. How do they work?
with respect
Pythras
I believe you would be talking about wurms or virii; trojans aren't capable of working like that.
The trojan is sent to you in an email message as an attachment. When you open the attachment, it is installed on your computer. One of the things that gets installed is a keystroke logger. This logger serarches for the word password on your screen, and captures whatever you type in after it. Your text is then sent off to a hotmail account owned by the person that sent you the trojan....
unlike outlook explress, trojans can not excuted on web based mail ( unless you download and run them ).
Sometimes it's a key-logger but sometimes it brings up a fake "re-login" screen.
You know guys & gals...
Maybe he has his terms mixed up?
Because from what I've read...
If we remove the word Trojan...It sounds like one of the vulnerabilities Hotmail HAD with it's ability to parse scripting languages.Quote:
that are sent thru hotmail and other online email services and capture passwords if they are replied to
What you may also be talking about is something called Cross Site Scripting (XSS)!
In that case, it would be an unsuspecting link..that when clicked would send a user's cookie to an attacker. The attacker could then use the cookie to access the users email (assuming it was within a certain timeframe)
Hope that helped :)
Simon Templer :)
Hell a trojan can do more than just take away your privacy, it can help peaple take over a system if setup properly.