from NYTimes.com: In case you needed further evidence that the White Hats are losing the
war on cybercrime, a six-year-old so-called Trojan horse program that
drains bank accounts is alive and well on Facebook.
Zeus is a particularly nasty Trojan horse that has infected millions of
computers, most of them in the United States. Once Zeus has compromised a
computer, it stays dormant until a victim logs into a bank site, and
then it steals the victim’s passwords and drains the victim’s accounts.
In some cases, it can even replace a bank’s Web site with its own page,
in order to collect even more information, such as a Social Security number,
that can be sold on the black market.
The Trojan, which was first detected in 2007, is only getting more active. According to researchers at the security firm Trend Micro,
incidents of Zeus have risen steadily this year and peaked in May. Eric
Feinberg, founder of the advocacy group Fans Against Kounterfeit
Enterprise (FAKE), has noticed an uptick in Zeus-serving malicious links
on popular N.F.L. Facebook fan pages such as one created by a group
called “Bring the N.F.L. To Los Angeles.”
Mr. Feinberg said he had noticed an increase in such pages and malicious
links in recent weeks. He sent those links to Malloy Labs, a security
lab, which confirmed that the links on these pages were serving up Zeus
malware. The malware was being hosted from computers known to be
controlled by a Russian criminal gang known as the Russian Business
Network, which has been linked to various online criminal activities,
ranging from malware and identity theft to child pornography.
Mr. Feinberg said he had tried to alert Facebook to the problem, with
increased urgency, but wasn’t satisfied with its response. A Facebook
spokesman directed this reporter to a previous Facebook statement
reminding users that it actively scans for malware and offering users
the opportunity to enroll in self-remediation procedures such as a “Scan-And-Repair malware scan” that can scan for and remove malware from their devices.
Mr. Feinberg said that after-the-fact approach was hardly sufficient.
“If you really want to hack someone, the easiest place to start is a
fake Facebook profile – it’s so simple, it’s stupid.”
“They’re not listening,” Mr. Feinberg added. “We need oversight on this.”