Array
(
)
Computerworld India News | Facebook Users' Credit Card Data at Risk From New Trojan | Computerworld.in

Facebook Users' Credit Card Data at Risk From New Trojan

Lucian Constantin May 16, 2012
New Zeus version injects rogue debit card-related offers into popular websites.

A new variant of the Zeus trojan tricks users into exposing their debit card details by displaying rogue offers when they visit Facebook, Gmail, Yahoo and Hotmail, according to researchers from security firm Trusteer.

"We've recently discovered a series of attacks being carried out by a P2P [peer-to-peer] variant of the Zeus platform against some of the Internet's leading online services and websites," Trusteer CTO Amit Klein said in a blog post. "The attacks are targeting users of Facebook, Google Mail, Hotmail and Yahoo -- offering rebates and new security measures."

Like most financial malware, Zeus has the ability to inject malicious content into browsing sessions. This functionality is commonly used to display rogue Web forms when users visit online banking websites.

In a similar fashion, the new Zeus variant analyzed by Trusteer exploits the trust relationship between users and well-known service providers to achieve its goals, Klein said.

When victims visit Facebook, the malware displays a fake offer for getting 20% cash back when buying Facebook Credits with a MasterCard or Visa debit card. The users are asked to link their cards with their Facebook accounts, a process that involves exposing their card's details.

LATEST NEWS

Google App Maker aims to ease enterprise development

Google is making it simpler for business to create custom apps. Its new App Maker service lets you integrate apps with Google's services and run them on the same data center infrastructure as its G Suite of productivity software.