Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Facebook scam leads to Citadel Malware


  • Please log in to reply
No replies to this topic

#1 herg62123

herg62123

  • Members
  • 553 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montgomery, AL
  • Local time:10:52 AM

Posted 25 July 2012 - 01:08 AM

We recently discovered a configuration of the Citadel malware that targets Facebook users with a a fake request for donations to children’s charities in order to steal credit card data.

After users have logged into their Facebook account, the Citadel injection mechanism displays a pop up that encourages the victim to donate $1 to children who “desperately” need humanitarian aid. Then, it asks users to fill in their credit card details. The malware is configured to deliver the attack based on the user's country/language settings, with web-injection pages in five different languages: English, Italian, Spanish, German and Dutch.

In an interesting twist, the criminals do not reuse the same text for every language. Instead, they have customized each attack based on the victim’s country and/or region.



More at the link: http://www.trusteer.com/blog/malware-targets-facebook-users-children%E2%80%99s-charity-scam


Forgot to post the link.

Edited by herg62123, 25 July 2012 - 01:09 AM.

Posted Image

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users