Bot blackmails Facebook users
Security specialists at Trusteer have discovereda variant of the Carberp trojan that pretends to suspend a user’s Facebook account. The malware hooks into the victim’s browser and intercepts requests that are sent to Facebook’s servers.
When a user tries to access the social network, the malware displays a message saying that the account has been temporarily suspended, and that a payment of €20 is required to verify the user’s personal data. Payment is to be made via Ukash– an anonymous payment system that doesn’t allow recipients to be traced.
Carberp’s behaviour is similar to that of the now widespread variants of the BKA trojan, which lock down victims’ computers and claim that they will only be unlocked once a payment has been made. This type of malware is referred to as ransomware; in most cases, paying the ransom has little or no effect.
Carberp is a trojan toolkit that criminals have primarily used to compromise online banking facilities. It spreads using methods such as compromised PDF and Office files, and contains remote control functions that allow it to accept and execute arbitrary commands from the botnet operators.
Read More: http://tinyurl.com/7y262oa
- New stealthy botnet Trojan holds Facebook users hostage (go.theregister.com)
- Carberp Steals e-cash Vouchers from Facebook Users (trusteer.com)
This entry was posted on January 19, 2012 by NetSecurityIT. It was filed under Enterprise, General Security, Hacking, Malware, Network Security, Policies, Security, Security Advisory, Vulnerabilities, Zero-Day and was tagged with Carberp, control functions, Facebook, Malware, Online banking, Ransomware (malware), security specialists, Social network, Trojan Horses, Trusteer, Ukash.