Modernizing Authentication — What It Takes to Transform Secure Access
The site offered visitors two ways to access the information: either enter their Facebook login credentials, or download the supposed app. In the former case, the attackers then had the victim's Facebook login info -- and in the latter case, the file downloaded was actually malware identified by Symantec as the Infostealer Trojan.
The malware adds executable files to the registry run key, sets up a keylogger that tracks everything the victim types, checks for Internet connectivity by pinging google.com, then sends it to the attacker's e-mail address. On the site that Symantec examined, however, the e-mail address hadn't been active for three months.
Regardless, the researchers write, the lessons are clear: check the URL of the Web site when logging into your account, don't click on suspicious links in e-mail messages, don't enter personal information in a pop-up window, and use comprehensive security software.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
Photo courtesy of Shutterstock.