lsass.exe

Developers of rogueware seems to find nothing wrong with using the very necessary and important system files crucial to the proper functioning of the PC to bid their evil doing. This is the case with lsass.exe. Traditionally responsible for enforcing security policies in the PC’s Operating System, the lsass.exe process is the Local Security Authentication Server. Despite the importance of this process, there have been reports of late that lsass.exe have been used as a vehicle for malicious intent.

One of these malicious intents is lsass.exe acting as an executable for Trojan infections, and another is the use of lsass.exe for the promotion or eKerberos, a harmful and sinister rogue antispyware application. eKerberos displays the following fake warning with lsass.exe mentioned as well:

“Caution! Break-through attempt!
Process Isass.exe (1076) trying to get access to credit card information. What the risk?”

If the user is to deny access to the Isass.exe process, he will be redirected to eKerberos’s payment portal and advised to make payment. It is obvious by the bad grammatical structure of this fake security notification that this is a fake warning, and users are urged not to pay any attention to it.

As a rule, users are strongly advised to keep their legitimate security software fully updated with the latest security definitions, in an effort to successfully eradicate Isass.exe and similar threats in future.