Carberp Malware is Back in a New Form to Target Facebook users
New Version Of Carberp Trojan Targets Facebook Users
A new version of the Carberp Trojan attempts to steal money from Facebook users by duping them into divulging an e-cash voucher, researchers say.
“Carberp replaces any Facebook page the user navigates to with a fake page notifying the victim that his/her Facebook account is ‘temporarily locked,'” says Trusteer CTO Amit Klein in his blog. “The page asks the user for their first name, last name, email, date of birth, password and a Ukash 20 euro [approximately $25 US] voucher number to ‘confirm verification’ of their identity and unlock the account.
Read more at DarkReading.com
Facebook Users Hit By Money-Grubbing Malware
A new version of the Carberp Trojan attempts to steal money from Facebook users by duping them into divulging an e-cash voucher, researchers say.
“Carberp replaces any Facebook page the user navigates to with a fake page notifying the victim that his/her Facebook account is ‘temporarily locked,'” says Trusteer CTO Amit Klein in his blog. “The page asks the user for their first name, last name, email, date of birth, password, and a Ukash 20 euro [approximately $25 U.S.] voucher number to ‘confirm verification’ of their identity and unlock the account.
Read more at InformationWeek.com
Win32/Carberp
Summary
Win32/Carberp is a family of trojans that may be delivered via malicious code, for instance by variants of Exploit:JS/Blacole. The trojan downloads other Win32/Carberp components to execute payload code such as stealing online banking credentials and log on data from numerous other software applications, downloading and executing arbitrary files, exporting installed certificates, capturing screen shots and logging keystrokes.
Read more on Malware Protection Center site
CARBERP Trojan Steals Information
As ZeuS draws the industry’s attention, a new spyware silently but successfully entered the cybercrime scene. CARBERP, as indicated in initial reports, is a new Trojan family that might have been created to challenge the already dominant ZeuS.
TROJ_CARBERP.A uses an ingenious technique to avoid detection. This malware deliberately drops a copy of itself and its component files in directories that do not require administrator privileges, effectively defeating Windows 7 and Vista’s User Account Control (UAC) feature. As such, its routines are not detected in newer Windows OS versions. More specifically, it drops files into the Startup and Application Data folders but neither creates nor modifies registry entries. Since files dropped in the Startup folder can easily be spotted even by novice users, CARBERP hooks two APIs to hide itself, its thread in Explorer.exe, and its component files.
Apart from its stealth tactics, the real danger that CARBERP brings is that it hooks network APIs in WININET.DLL to monitor browsing activities on the affected system. Furthermore, it contacts its C&C server to download a possible configuration file, to send a list of processes running in the affected system, and to receive arbitrary commands. These capabilities can enable the cybercriminals behind this malware to steal virtually any information they wish to get their hands on.
Read more on the Trend Micro Blog
Carberp: Quietly replacing Zeus as the financial malware of choice
Zeus ushered in a new era of malware, but it’s slowly losing its effectiveness. Don’t celebrate just yet; Zeus’s heir apparent, Carberp is ready to take over.
Financial malware like Zeus provide a significant ROI for the bad guys. Just ask fellow IT security writer Brian Krebs, who tirelessly reports on how much damage ZeuS has caused. I even added my two cents about Zeus and its successes.
What is financial malware?
Automated Clearing House (ACH) transactions and Electronic Fund Transfers (EFT) are the main focus of financial malware. The malcode tries to steal login and accounting information, allowing it to transfer the victim’s money to bank accounts of the attacker’s choice through the use of EFT.
Security experts focused on financial malware explain there are two types of attacks.
Read more at TechRepublic.com
Leave a Reply
Want to join the discussion?Feel free to contribute!