Carberp Trojan stealing Ukash e-cash vouchers


The Carberp Trojan is targeting Facebook users in an attempt to steal login credentials. Carberp allows its developers to anonymously exploit Facebook users who use Ukash e-cash vouchers. Carberp replaces a user Facebook page and redirects (using a MitB attack vector) the user to a fake page notifying the user that their Facebook account is locked. The user is asked for personal information including a Ukash 20 Euro to unlock the account. The page claims the e-cash voucher will be added to the Facebook account; however it is transferred to the Carberp bot master which then uses it to convert into cash. Ukash like most e-cash voucher systems offers anonymity, so it’s easy for the fraudsters to sell the e-cash vouchers anywhere anytime without being traced. Source: ID Theft Protect

January 25, 2012
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4


We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.