

Malware That Drains Your Bank Account Thriving On Facebook - scapbi
http://bits.blogs.nytimes.com/2013/06/03/malware-that-drains-your-bank-account-thriving-on-facebook/

======
gbrindisi
To everyone wondering why a 6yo trojan is still so used it is because Zeus
source code was fully released/leaked and it's been used ever since to build
new and improved variants like Ice IX, Gameover, Citadel, etc

~~~
rfnslyr
Where can I learn more about virus architecture/blackhat in general? Are there
any defacto communities out there for this sort of thing? Just curious.

~~~
chm
I would suspect communities concerned with illegal activities and state-of-
the-art (0-day) code not to be easily accessible. There must be some on TOR.

~~~
peterwwillis
It's pretty trivial to work your way into the community. Botherders and most
small-time blackhats are incredibly gullible and egocentric.

Here is some forum history:
<http://www.zoklet.net/bbs/showthread.php?t=177743>

------
paul9290
Why haven't banks created two way verification system yet???

Let me approve or disapprove a charge or money transfer of a certain amount
via a text message!!!

~~~
sjmulder
I’ve been with a few different banks (ING, Rabobank, Bizner, HSBC) and they
all use two step verification. Some send texts, others use a card reader or
such.

~~~
dkl
Ing in the US was bought by Capital One, and neither use key fobs (if that's
what you meant). Are you in the EU?

------
orthecreedence
They didn't really specify how this is being spread. If I have flashblock and
a modern browser, I'm assuming it's pretty hard for a site to randomly install
junk on my machine. Are people on Facebook downloading exe files or something?

~~~
DanBC
People on Facebook are visiting links, posted on Facebook, to external sites.

Those external sites are the sites with the malware.

Very few people block anything; people don't bother blocking flash or
javascript or even ads. (Adblock Plus, the most popular ad blocker, only has
15.5million users on Firefox.)

------
zenith2037
To become a whitehat. You have to know the trade in blackhat. Know your enemy.
And that goes both ways in network security.

------
ttrreeww
Zynga games?

