Monday, December 31, 2007

Trojan delivers pay-by-phone extortion

After infection by this Trojan, you're completely locked out of the system.

You get this screen - it takes over your entire desktop:


Hijack_900_number


Click on "Click to activate new license" and you get this screen:


Hijack_900_number2


Turns out it's coming from a website, from which I've posted the same screens below:


Securitycenter1324812388


Different countries have different numbers. For example, here is the UK:


Securitycenter1324812388ab


And here is France:


Securitycenter1324812388ac


Incidentally, a search on the US 900 number shows the first link as passwordtwoenter com, which shares an IP with a number of other similar sites.




Apparently, this is a payment processor that's now being used for malware, whether they know it or not.


Alex Eckelberry
(thanks Adam Thomas and Patrick Jordan)

Update: Pay-by-phone processor cancels account. More here.
