
Motsob

Posted: April 22, 2013

Motsob is a Trojan that was disseminated through e-mail spam attacks that lured victims to a compromised site through links themed after news regarding the Waco, Texas fertilizer plant disaster. While the drive-by-download exploit that was used to install Motsob has since been pulled down from its hosting site, SpywareRemove.com malware experts warn that computers already compromised by Motsob may be at risk for attacks like system-blocking pop-ups from Police Ransomware Trojans or theft of highly sensitive account information. Anti-malware applications can be used to remove Motsob from your computer, but you should also take care to secure any passwords or other personal information that may have been stolen in the time between Motsob's installation and its deletion.

Motsob: Doubling Tragedy as a News Courier

While the recent explosion of the Texan fertilizer plant near Waco already has taken the lives of at least fourteen people, Motsob aims to increase that count in cyberspace by using the tragic event to infect the computers of seemingly-random victims. Motsob was distributed by a spam e-mail campaign that has been found to be a barely modified version of an antecedent campaign (one that installed Trojans through sites promoted by fake news e-mails for the Boston bombing). E-mail messages intended for distributing Motsob claimed to carry links for news about the above tragedy, and the accompanying website actually did include several embedded YouTube videos that were relevant to the topic. Sadly, the site also included a variant of the Blackhole Exploit Kit (BEK), which installed Motsob on vulnerable PCs.

Motsob uses a randomly-generated file name and appears to have been installed through a Java exploit (that has since been removed from the hosting site), although SpywareRemove.com malware researchers warn that BEK has been known to utilize exploits for other applications, as well. According to current analyses, Motsob is associated with (but not restricted to) attacks like the ones listed here:

  • Motsob may steal passwords and other login information that can be used to compromise bank accounts, social networking accounts, etc.
  • Motsob may employ or install PC threats that employ the archetypal function of a Police Ransomware Trojan: the presence of a screen-wide fake legal warning that requests some form of ransom – often accompanied by a total blockade that's set up against Windows and all other applications.
  • Motsob may use your computer's resources to send spam, which also may hamper your computer's performance or stability.
  • Motsob also may install other forms of malware automatically.

Stabilizing Your PC After Motsob's Explosive Intrusion

Motsob may not display explicit symptoms that allow you to detect it, and it makes clear efforts to conceal its components from any casual observation. In spite of its potentially low-key nature, Motsob still may be complicit in attacks that damage your computer's privacy or security extensively. You should treat your PC as possibly infected after you've had any contact with sites like the ones described in Motsob's spam campaign.

Browser security features, anti-malware products with web security functions, software updates and the selective disabling of exploitable platforms like Java all can play their part in preventing drive-by-download attacks like those that install Motsob. If you need to delete Motsob, use an anti-malware application to scan your PC; ideally, the scan will detect both Motsob and any other malware that Motsob could have installed.
