Trusteer Finds New Malware Configured as Ice IX
Security researchers from Trusteer the security company claim that one fresh configuration of malicious software dubbed Ice IX is circulating which even has a video advertising it.
The researchers explain that the assault essentially starts by involving the login web-page of Facebook where soon as any unwitting member logs in to access his account, there takes place the web-insertion process. Consequently, a pop-up message informs the member about the requirement of his verification details, so he can keep his Facebook account running.
Apparently, these details include his name, birth date, and postal address; his debit alternatively credit card number, the card's Card Verification Value (CVV), and its expiry date; and his Social Security Number.
Thus when all these details are entered, they get transmitted onto a messaging software program that the cyber-criminal controls, letting him to acquire admission into the victimized member's payment card account along with the funds in it.
Remarking about this kind of assault, Chief Technical Officer Amit Klein at Trusteer stated that it outlined the way cyber-crooks were moving out of their typical Internet-banking frauds and getting inside lateral applications that had a comparatively bigger consumer-base. He added that through assaults on omnipresent social-networking websites, particularly Facebook, the criminals managed in getting an enormous collection of victims. Trusteer.com published this on April 3, 2012.
Moreover, the criminals could as well utilize the data garnered from various social media end-users for carrying out scams of myriad types like those related to retail, Internet banking, or still further break into government or corporate networks.
Meanwhile, according to Trusteer, it has notified about the new assault to Facebook which's profusely proliferating on the Internet site.
In response, Facebook, in a statement, reminds members that it wouldn't ever request them for information like Social Security or credit card number, alternatively any other highly-confidential particulars except for their login credentials -username and password -to access their Facebook accounts.
However, for remaining safe from such attacks, it's advisable that Internauts always ensure their security software is working up-to-date on their PCs, while they habitually notify anything suspicious on their accounts to Facebook.
Related article: TRUSTe Certified Websites May Still Contain Malware
» SPAMfighter News - 11-04-2012