The Carberp Trojan is targeting Facebook users in an attempt to steal login credentials.
Carberp allows its developers to anonymously exploit Facebook users who use Ukash e-cash
vouchers. Carberp replaces a user Facebook page and redirects (using a MitB attack vector)
the user to a fake page notifying the user that their Facebook account is locked. The user is
asked for personal information including a Ukash 20 Euro to unlock the account. The page
claims the e-cash voucher will be added to the Facebook account; however it is transferred
to the Carberp bot master which then uses it to convert into cash. Ukash like most e-cash
voucher systems offers anonymity, so it’s easy for the fraudsters to sell the e-cash vouchers
anywhere anytime without being traced.
Source: ID Theft Protect