Cybercriminals Selling Facebook, Twitter Logins via 'Factory Outlets'

Robbing identification details through malware like Zeus and SpyEye has become extremely easy, and leaves cybercriminals with excess information. According to InformationWeek's news published on February 9, 2012, two gangs of hackers are selling Facebook, Twitter, and cPanel login details in bulk rates to clear their inventories.

In their promotions, hackers are selling login details, even the personal email addresses of users all over the globe. The information is being sold in bulk in certain countries like the US, the UK and Germany. An advertisement by a botnet operator sells cPanel details and URLs which would permit users to extort control of duped websites.

Trusteer vice president (marketing) Yishay Yovel said that it was very appealing with cPanel run software for websites. After gaining an access to user details for this application, it would be easier for attackers to contaminate websites.

Usually, the most precious stolen credentials are for online banking sites, but gradually more bank Trojans like Zeus seem to be copying logins for other important websites too. Apparently, hackers are willing to collect each login that they locate on a victim's system, considering that these details would be important to someone at some point.

Such developments offer a pane into the huge cybercrime aftermarket that has grown on the internet due to advanced malicious software, Trusteer CTO Amit Klein was quoted as saying this by Techworld. Be it mass login details or pre-built web-injects, hackers have an extraordinary store of tools today to assault banks and enterprises. These cybercriminals can exploit cPanel details to install malicious code on websites which can utilize browser vulnerabilities and contaminate systems through drive-by-downloads. By making use of phishing electronic mails and social network posts, hackers can attract unwary users to these websites.

In last few years, there has been a rise in social-engineering-based cons. Malicious software writers persistently throw a broad net while picking ways of assault to reach maximum targets. Web crime operations are intended to cripple systems and filch private data, but their initial aim is to arrive at the victim. When they know the profile of their victims, they try all methods to raise their chances of victory and trick users into playing alongside.

Related article: Cheburgen.a: A New Email Worm

» SPAMfighter News - 2/22/2012