Thieves use social media sites to sell malware

Previously, this blog discussed the recent evolution of hackers into an organized online system that resembles mainstream approaches to online commerce. BankInfoSecurity has some more disturbing information about the means by which these criminal organizations are communicating. Apparently, a Facebook page that acted as a kind of hub for identity thieves was recently taken down, and it's yet another sobering reminder of how easy it has become to propagate threats to credit card processors.

The site, known as Casper Spy Botnet, allegedly listed guides for enterprising fraudsters on how to distribute viruses, steal credit card information, and other illegal practices. The site was also used to sell a type of virus known as a "trojan" that specifically goes after banking software. 

Primarily called Zeus but with variations like Zitmo and Zbot, this particularly nasty brand of software has been infecting phones and computers for years now, engineered to rob hapless users and bypass the kind of security measures some institutions normally depend on.

Limor Kessem of RSA, the organization that discovered the page in the first place, told BankInfoSecurity exactly what this page was and how it benefited card criminals.

"The developer was using it to sell Zeus and another guy, the one maintaining the page, was talking about selling credit-card numbers and committing fraud. They feel they can do this openly because law enforcement in their country probably does not care," Kessem said.

As the article suggests, there's only so much that institutions can do to react in this kind of situation, seeing how much organization groups like this can employ. However, a first step can be the continual use of safeguards to shore up POS card processing system security, and an attempt to gain a greater understanding of how these systems function. 

Leave a Reply

Scroll to Top