Facebook users targeted by Zeus banking Trojan
Summary
Users of the popular social network are being tricked into revealing their passwords and downloading a Trojan that steals financial data. Here's how...
Topics
On the heels of one fake Facebook e-mail scam, a researcher warned on Wednesday of another such campaign in which users of the popular social network are being tricked into revealing their passwords and downloading a Trojan that steals financial data.
In the latest scam being blasted to e-mail in-boxes, a legitimate-looking Facebook notice asks people to provide information to help the social network update its log-in system, said Fred Touchette, a senior security analyst at AppRiver. When the user clicks the "update" button in the e-mail, they are directed to a fake Facebook log-in screen where their user name is filled in and they are prompted to provide their password.
Here is a screen shot of the message in the body of the fake Facebook e-mail.(Credit: AppRiver)
When they give that information, victims are taken to a page that offers an "Update Tool," but that is actually the Zeus bank Trojan that is designed to steal financial and personal data, Touchette said. Users of smart phones that have the Facebook app installed can also easily be duped because the phishing e-mail appears as an actual Facebook notification complete with Facebook icon, he said.
For more, read "Bank Trojan botnet targets Facebook users" from CNET News.
Talkback Most Recent of 63 Talkback(s)
-
Is it safe to assume
that this threat can happen on any OS/Browser desktop or mobile?
bobiroc29th Oct 2009 -
Yes but...
various Stallman cultist and Job cultist will try to argue that either Linux or MacOSX are immune to this because of a so called superior BSD security model or something along this line.
Ceridan29th Oct 2009 -
Windows only?
The Trojan is a Windows Trojan.
gertruded29th Oct 2009 -
Don't be a hater...
You're sounding like a Gates cultist, lol
Prime Waverider29th Oct 2009 -
This is Windows only
You can write a Trojan for any OS, but this is
Windows only. No OS is immune to Trojans, but
some are better than others. Windows is slowly
getting a proper security model, well, actually
it has one, but there is still a lot of software
that will not function properly under this
security model. This means that for people to
run the software they need (and we don't have
PCs to run Windows) they need to disable Windows
security.
Since other OSs like BSD/Linux etc have had a
proper security model (albeit an inferior one to
the one in Windows right now) since their
inception, all software works within said
security model, and they are therefore generally
safer than Windows.
Another reason that BSD/Linux etc are safer than
Windows is their small market share. Most Trojan
writers simply do not write Trojans for other
operating systems than Windows. This alone makes
Windows significantly less secure. Windows
market share is therefore a "problem".
Can you write a cross-OS Trojan? Generally no,
you can't.
terjeb@...29th Oct 2009 -
Windows Security Model?
"(albeit and inferior one to the one in Windows right now)"
I highly doubt that any Windows security model is superior than any GNU/Linux/BSD Distribution. Windows is full of more holes than a bar of swiss cheese. Most of which seem to be put there on purpose and pretty much completely obvious.
techzine22nd Apr 2010 -
You shouldn't ...
...have to assume . What's the point of the article if after reading it, you have more questions than answers. Which to most average user just an answer to the question would've nullified the unnecessary verbiage..
FYI: Windows Only!
^o^
n0neXn0ne29th Oct 2009 -
phraseology
Your wording is difficult to understand do you mean most not must? What unnecessary verbiage...? user or users?
dhays29th Oct 2009 -
Is ...
the phraseology that important to YOU?
Have a nice day
^o^
n0neXn0ne29th Oct 2009 -
Well it did say
that users of smart phones with the facebook app should be aware too so it did leave it open that since this redirects you to a web based page asking you to log in confirming your facebook account login info that it could affect anything with a web browser. The trojan may be an exe which I read on the CNet site but the phishing page is a web page and can be accessed on any OS and browser which was the point of my comment.bobiroc29th Oct 2009 -
It was not a ...
... knock on your reading comprehension. Your assumption was absolutely correct.
My question is, why can't they put at the top of the article the affected platform(s). The reader shouldn't have to read the whole article to get a simple answer.
Have a nice day
^o^
n0neXn0ne29th Oct 2009 -
That I will agree with
Instead of having to click on links to other articles they should list affected platforms.bobiroc29th Oct 2009 -
Red herring
Just a philosophical thought...
Instead of encouraging users to remember which viruses target which platforms, they should be educated to identify the model / mode of transmission: An email asks you to download & run software on your computer.
Since the program does not execute on non-targeted platforms, those users should avoid downloading the virus for other less tangible reasons: eating bandwidth and other resources, wasting their time, etc.
So, identifying the platform in the article is a red herring. The assumption users do need to have is: "If an unsolicited email asks me to provide passwords & such or download software, it's probably a bad thing."
public@...29th Oct 2009 -
absolutely You should always know what you're dealing with
'"If an unsolicited email asks me to provide passwords & such or
download software, it's probably a bad thing."'
Yup, that's pretty much all that needs to be said.
And yes, never download ANYTHING you are not 100% sure of either;
a)what it is or, b) where it came from.
If you're unsure, but think it's something you might want to D/L or an
online app you want to use then I suggest you open a new browser
window and do a little homework about what exactly is involved with
this thing whatever it may be.
+[=TiM=]+
ARE WE NOT DRAWN ONWARD, WE FEW, DRAWN ONWARD TO NEW
ERA?
CryptiCiptyrC29th Oct 2009 -
rightly so trojan finder support
Yes I totally agree.
if one gets a file sent to them that an EXEictution file (filename).exe then you should always read the "README.TXT or READ.ME file that accompanys it
if as applicable with this one has nto got a readme.txt or read.me file then it's as was said by public@ a bad thing and warning bells should be alerted to anyone you know who might get it
mdbobbo31st Oct 2009
Talkback - Tell Us What You Think
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Facebook Activity
