Feeds

back to article New stealthy botnet Trojan holds Facebook users hostage

A new strain of cybercrime Trojan is targeting Facebook users by taking over their machines and shaking them down for cash. Carberp, like its predecessors ZeuS and SpyEye, infects machines by tricking punters into opening PDFs and Excel documents loaded with malicious code, or attacks computers in drive-by downloads. The hidden …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Fleecing

It's what sheep are for isn't it?

7
3
Anonymous Coward

Re: Fleecing

Ahh, the bitterness and snide comments that come with having no friends. Is spending all your time on Usernet Star Trek groups really any better?

2
8

What has Facebook got to do with friendship?

10
0
Silver badge

"What has Facebook got to do with friendship?"

In fact research has shown that the Facebook generation have fewer real friends that they trust to help them with life issues than previous generations.

2
1
Coat

Friends.. who needs Friends?.. I still got my original tribble and action figures

I think a trojan that steals all your FB friends would be a lot more fun to watch. And you don't need e-cash to play on Usenet. But you better keep your mitts off my original Sulu doll, y'hear?

0
0
Anonymous Coward

That's a little harsh and bitter isn't it? Wouldn't let you have an account due to being an arse on other websites? So when they get bored with fleecing FB users and come after your chosen websites, are you going to be so flippant?

I dislike the whole FB thing but if people wish to use it, that's their business and as such they should be free to use it without harassment from scum like this extortionists.

2
0
Anonymous Coward

Harsh and bitter?

Nope, it's the FB corporate mission statement isn't it?

1
0
Silver badge

Forgive the question

When it says carefully crafted PDF's, can i assume that adobe reader has to be installed, or will this affect the sensible amongst us that use an open source/alternative such as foxit or sumatra...

3
1

Carefully crafted PDF's?

There's the give away.

Most of the PDF's being generated by your average office drone are utter drivel.

0
0
Silver badge

@cornz 1

But I think PDFs can execute code (Javascript?) so it may depend on exactly what they exploit. It could potentially carry payloads for multiple readers, so obscurity is no real defence. On a Windows box one needs that AV running.

Heck, on a GNU/Linux box one should be running AV also - mostly to avoid passing infection on to the less fortunate. :-)

Heck, one should probably only use the browser from within a VM, that way any infection can be erased with a simple "Revert to previous snapshot".

0
0
Silver badge

"But I think PDFs can execute code (Javascript?) so it may depend on exactly what they exploit. It could potentially carry payloads for multiple readers, so obscurity is no real defence. On a Windows box one needs that AV running."

Yes, it can carry a javascript payload. It was intended to give PDF documents a bit of "smarts" to navigate to certain pages under certain conditions, or perhaps do other "basic" things where you need some scripting. But being java, you can pretty much do anything.

I'm not sure AV software can insure you against this (no idea, I don't use any myself), but you can configure even the dreaded Adobe Free PDF Reader to simply ignore any attached java, effectively rendering you immune to this type of attack.

True, this breaks things for PDFs where java would come in useful, but so far with me, I haven't missed or even noticed the lack of java causing issues.

0
1

Java != JavaScript

Just sayin'

3
0

This post has been deleted by its author

I don't necessarily see...

...how this is a problem?

I mainly use Facebook to post funny things I've found while meandering in odd corners of the internet and for occasionally keeping in touch with people I don't often see.

If this kept a few of the idiots off Facebook it would be a more pleasant place!

0
0
Silver badge
Joke

If it kept the idiots...

...off Facebook, it would be empty!

14
0
Silver badge
Thumb Up

The BigYin

High 5 !

0
0
Anonymous Coward

"...it would be empty!"

It would be Google +

4
0

@The BigYin

Not all of them, but very few may survive.

0
0
Facepalm

I posted a link to this on FB, what's the chances that there are still people on my list that get caught with this, lmao

There's some thick feckers about, lol

0
0
Anonymous Coward

Question

Which platforms does it affect? (I'm guessing Windows)

0
1
Silver badge

"replaces any Facebook page the user navigates to with a fake page notifying the victim that their Facebook account is temporarily locked"

Where can I find this wonderful application so I can install it on all our corporate laptops. Doesn't sound like malware to me!

1
0
Thumb Up

The Fox Wins Again

Firefox + Noscript win again!

0
2

New stealthy botnet Trojan holds Windows users hostage

http://distrowatch.com/dwres.php?resource=review-winxp

0
0
This topic is closed for new posts.