The Carberp Trojan is targeting Facebook users in an attempt to steal login credentials.
Carberp allows its developers to anonymously exploit Facebook users who use Ukash e-cash
vouchers. Carberp replaces a user Facebook page and redirects (using a MitB attack vector)
the user to a fake page notifying the user that their Facebook account is locked. The user is
asked for personal information including a Ukash 20 Euro to unlock the account. The page
claims the e-cash voucher will be added to the Facebook account; however it is transferred
to the Carberp bot master which then uses it to convert into cash. Ukash like most e-cash
voucher systems offers anonymity, so it’s easy for the fraudsters to sell the e-cash vouchers
anywhere anytime without being traced.
Source: ID Theft Protect
Author
- BlogSeptember 23, 2023Leveraging AI in Cybersecurity: Transforming Threat Detection, Prevention, and Beyond
- BlogAugust 24, 2023How Simply Browsing The Internet Gives Scammers An Advantage – And What You Can Do About It
- BlogJuly 1, 2022WEF - WiFi Exploitation Framework
- BlogMay 19, 2022Osmedeus is a Workflow Engine for Offensive Security