Date:13/02/12
Cyber criminals are selling bulk log-in credentials for social sites, such as Facebook and Twitter, and web server management software cPanel, according to security researchers.
"These details are not on sale so people can cause mischief but for real financial gain," Oren Kedem, product marketing director at Trusteer, told Computing.
The criminals boast a haul of 80GB of credentials that they are advertising at wholesale prices, or at $30 a log-in when divided into network- and country-specific batches with corresponding personal email addresses.
A blog by Trusteer's chief technical officer Amit Klein reports two botnet operators advertising a "factory outlet" of social network login credentials, and another offering to sell logins and URLs that would allow a fraudster to take control of certain websites. Specifically, the advertiser is offering cPanel credentials.
Control of the website admin software would enable a fraudster to inject malware into the site that could later harvest financial details, said Kedem.
Social network log-ins could be used in social engineering attacks to lure friends of the hacked to fraudulent sites where they would be duped into downloading malware that could, again, perpetrate financial theft, he added.
Facebook officials told Trusteer that the social network actively detects known malware on users' devices and validates every login to the site to check for malicious activity.
Meanwhile security firm GFI published its latest monthly cyber attack report, showing an increasingly sophisticated landscape of social-engineering-based scams.
Gamers looking for a pirated release of Pro Evolution Soccer 2012 were targeted with rootkit malware, while Halo lovers were tempted to sign up for a bogus beta programme.
Tumblr users were baited with free Southwest Airlines tickets in exchange for filling in a pointless survey, and small business owners were attacked with fraudulent customer complaint notices from the Better Business Bureau which led to malware sites.
Stolen Facebook and Twitter log-ins on sale for $30 each
Cyber criminals are selling bulk log-in credentials for social sites, such as Facebook and Twitter, and web server management software cPanel, according to security researchers."These details are not on sale so people can cause mischief but for real financial gain," Oren Kedem, product marketing director at Trusteer, told Computing.
The criminals boast a haul of 80GB of credentials that they are advertising at wholesale prices, or at $30 a log-in when divided into network- and country-specific batches with corresponding personal email addresses.
A blog by Trusteer's chief technical officer Amit Klein reports two botnet operators advertising a "factory outlet" of social network login credentials, and another offering to sell logins and URLs that would allow a fraudster to take control of certain websites. Specifically, the advertiser is offering cPanel credentials.
Control of the website admin software would enable a fraudster to inject malware into the site that could later harvest financial details, said Kedem.
Social network log-ins could be used in social engineering attacks to lure friends of the hacked to fraudulent sites where they would be duped into downloading malware that could, again, perpetrate financial theft, he added.
Facebook officials told Trusteer that the social network actively detects known malware on users' devices and validates every login to the site to check for malicious activity.
Meanwhile security firm GFI published its latest monthly cyber attack report, showing an increasingly sophisticated landscape of social-engineering-based scams.
Gamers looking for a pirated release of Pro Evolution Soccer 2012 were targeted with rootkit malware, while Halo lovers were tempted to sign up for a bogus beta programme.
Tumblr users were baited with free Southwest Airlines tickets in exchange for filling in a pointless survey, and small business owners were attacked with fraudulent customer complaint notices from the Better Business Bureau which led to malware sites.
Views: 1050
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
