Printer Friendly

Malware steals Facebook users' log-in details.

Internet threat protection provider ESET, has discovered a social engineering trojan horse, which has managed to steal the login credentials of more than 16,000 Facebook users by creating a fake Facebook log-in page.

The malware then linked the stolen Facebook login details

with the user statistics of Texas HoldEm Poker. If the Facebook user played

Texas HoldEm Poker and was one of the people whose details were stolen, their

credit card details could be accessed by the cyber-criminals.

The malware was then able to increase the users' credit in

the game of poker. The game has a functionality that allowed users to replenish

their chip values using real money by inputting the credit card details or using

their PayPal account.

To gain the user's login credentials, an army of 800 of

computers were used - all infected with the Trojan and controlled by the

attacker.

Texas HoldEm Poker is a legitimate and very popular Facebook

application by Zynga Inc and the application has a monthly share of 35 million

active users.

ESET began studying the Trojan at the beginning of 2012 and

ESET users were protected against it from December 2011.

"To protect against attacks relying on social

engineering methods, having a good security solution is not enough, users

should be attentive to any such ploys," said REbert LipovskE', ESET

Security Intelligence Team lead. "The user could recognise the fake Facebook login

page if they checked the site's URL."

In case of a user without a credit card or low score, the

infected computer received instructions to infect the victim's Facebook profile

with a link to a phishing site. This site then lured the player's Facebook

friends to a website resembling the Facebook homepage, where their log-in

details were also harvested by the attacker.

While analysing this botnet ESET estimated that the attacker

could gain access to a total of 16,194 login credentials.

2012 ITP Business Publishing Ltd. All Rights Reserved.

Provided by Syndigate.info an Albawaba.com company
COPYRIGHT 2013 Al Bawaba (Middle East) Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2013 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Publication:ITP.net
Geographic Code:1U7TX
Date:Jan 30, 2013
Words:330
Previous Article:VMware stock slumps on missed estimates.
Next Article:Siemon begins Middle East recruitment drive.

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters