Information Security all in one place!

Bot blackmails Facebook users

Image representing Trusteer as depicted in Cru...

Image via CrunchBase

Security specialists at Trusteer have discovereda variant of the Carberp trojan that pretends to suspend a user’s Facebook account. The malware hooks into the victim’s browser and intercepts requests that are sent to Facebook’s servers.

When a user tries to access the social network, the malware displays a message saying that the account has been temporarily suspended, and that a payment of €20 is required to verify the user’s personal data. Payment is to be made via Ukash– an anonymous payment system that doesn’t allow recipients to be traced.

Image representing Facebook as depicted in Cru...

Image via CrunchBase

Carberp’s behaviour is similar to that of the now widespread variants of the BKA trojan, which lock down victims’ computers and claim that they will only be unlocked once a payment has been made. This type of malware is referred to as ransomware; in most cases, paying the ransom has little or no effect.

Carberp is a trojan toolkit that criminals have primarily used to compromise online banking facilities. It spreads using methods such as compromised PDF and Office files, and contains remote control functions that allow it to accept and execute arbitrary commands from the botnet operators.

Read More:



One response

  1. I love the web site information and really liked analyzing your content material and had to comment on them. I feel it is amazing. I located your page at a search on google, keep up the fantastic work, I’ll make sure to check back again.

    February 16, 2012 at 5:15 PM

Let's hear what you have to say.

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s