DIY Facebook Malware Kit Digs for Login Credentials

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Security software vendor BitDefender this week is warning Facebook users to be on the lookout for a new malware variant that can easily snag login and password credentials to the popular social networking site, as well as those to any number of banking or online accounts.

It's called Facebook Hacker and it's just the latest in a line of do-it-yourself malware kits that purport to make even the most amateur of hackers an instant expert in Facebook phishing.

According to an entry on BitDefender's MalwareCity blog, the kit can be purchased online and is "intuitive" and easy to configure, requiring only a disposable email account and a password.

Beyond snatching and distributing users' Facebook credentials, the Trojan delivered via the kit, which BitDefender has identified as Trojan.Generic.3576478, will also get its hands on any other credentials for other sites -- banking, enterprise VPNs, etc. -- and send those to the dummy email account established by the neophyte hacker.

"Once run, the malicious tool will snatch the victim's Facebook account's credentials, along with all the usernames and passwords that we carelessly ask the browser to remember for us ... because Facebook Hacker also targets the Internet browser and instant messaging clients to pick up the entire list of 'remembered' identification data," BitDefender's Loredana Botezatu wrote in the blog entry.

DIY malware kits have become such a plague on the Internet that the FBI and other international authorities have made it a priority to track down and arrest those responsible for selling the kits, which range in price from a few hundred dollars to a few thousand dollars apiece.

In July, the FBI and Slovenian authorities busted the man responsible for selling the infamous Butterfly botnet kit used to help spread the Mariposa botnet. Known as "Iserdo," the Slovenian suspect sold thousands of kits for between $650 and $2,000 each to help spread one of the most destructive pieces of malware in recent history.

BitDefender and other security software vendors recommend enterprises and consumers to make sure they've installed a regularly updated antivirus application on all PCs and mobile devices and to remember not to run files received as attachments or via instant messaging until they've been scanned.

However, in the case of the new Trojan.Generic.3576478, the malware includes a list of antivirus and networking products that it can block or terminate if found running on the intended victim's PC or mobile device.

Larry Barrett is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.

Follow eSecurityPlanet on Twitter @eSecurityP.

Submit a Comment

Loading Comments...