Malware steals Facebook users' log-in details.
The malware then linked the stolen Facebook login details
with the user statistics of Texas HoldEm Poker. If the Facebook user played
Texas HoldEm Poker and was one of the people whose details were stolen, their
credit card details could be accessed by the cyber-criminals.
The malware was then able to increase the users' credit in
the game of poker. The game has functionality that allows users to replenish
their chip values using real money by entering their credit card details or using
their PayPal account.
To gain the user's login credentials, an army of 800
computers was used - all infected with the Trojan and controlled by the
Texas HoldEm Poker is a legitimate and very popular Facebook
application by Zynga Inc and the application has a monthly share of 35 million
ESET began studying the Trojan at the beginning of 2012 and
ESET users were protected against it from December 2011.
"To protect against attacks relying on social
engineering methods, having a good security solution is not enough, users
should be attentive to any such ploys," said Róbert Lipovský, ESET
Security Intelligence Team lead. "The user could recognise the fake Facebook login
page if they checked the site's URL."
In the case of a user without a credit card or with a low score, the
infected computer received instructions to infect the victim's Facebook profile
with a link to a phishing site. This site then lured the player's Facebook
friends to a website resembling the Facebook homepage, where their log-in
details were also harvested by the attacker.
While analysing this botnet, ESET estimated that the attacker
could gain access to a total of 16,194 login credentials.
2012 ITP Business Publishing Ltd. All Rights Reserved.
Provided by Syndigate.info an Albawaba.com company