No Mercy


Bitcoin-Stealing Botnet Taken Down by Facebook

Once again Facebook is on The Hacker News! This time not for any scam or police investigation, but for a special reason.
The social networking giant has managed to take down a Greek botnet that used Facebook to spread malware and infected 250,000 computers to mine crypto-currencies and steal bitcoins, email passwords, and banking details.
Facebook is often one of the favorite weapons of cybercriminals, cyber thieves, and scammers because of its popularity among social media platforms. This social networking platform, with over one billion active users, provides special opportunities for people to connect and share information, and also serves as a good platform for malware developers and scammers.

The botnet, dubbed Lecpetex, was active from December 2013 to last month and compromised around 50,000 Facebook accounts at its peak. Users would receive spam Facebook messages that typically read "lol" with a zip archive attachment.
Once the attachment is opened, it would execute an embedded Java archive file that would download the Lecpetex main module and install a program to start Litecoin mining quietly on the infected computer. At the same time, other malware sent out from the botnet would steal bitcoins, email passwords, and internet banking details.
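The lure described above (a zip attachment carrying a Java archive) can be triaged by content rather than by file name. The following Python check is an added example, not code from the original article or from Facebook's scanning tooling; the function names, the size limit, and the sample archives are constructed for illustration.

```python
import io
import zipfile

JAR_MANIFEST = "META-INF/MANIFEST.MF"  # entry that marks a zip as a Java archive

def looks_like_jar(data: bytes) -> bool:
    """True if the bytes parse as a zip that contains a JAR manifest."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return any(n.upper() == JAR_MANIFEST for n in zf.namelist())

def triage_attachment(data: bytes, max_member=20 * 1024 * 1024):
    """Return reasons to quarantine a zip attachment (empty list = none found)."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    if looks_like_jar(data):
        return ["attachment itself is a Java archive"]
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # encrypted member cannot be inspected
                findings.append(f"{name}: encrypted member")
            elif info.file_size > max_member:  # avoid unpacking huge members
                findings.append(f"{name}: too large to inspect")
            elif looks_like_jar(zf.read(info)):  # content check beats renaming
                findings.append(f"{name}: Java archive by content")
            elif name.lower().endswith((".jar", ".class")):
                findings.append(f"{name}: Java file extension")
    return findings

def _make_zip(members):
    """Build an in-memory zip from {name: body}; used for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed samples: a minimal JAR, the same JAR renamed inside a zip, a benign zip.
FAKE_JAR = _make_zip({"META-INF/MANIFEST.MF": "Manifest-Version: 1.0\n",
                      "Main.class": b"\xca\xfe\xba\xbe"})
RENAMED = _make_zip({"IMG_0042.jpg": FAKE_JAR})
BENIGN = _make_zip({"notes.txt": "hello"})

if __name__ == "__main__":
    for label, sample in (("renamed", RENAMED), ("benign", BENIGN)):
        print(label, triage_attachment(sample))
```
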


Moreover, the module would download and run the Facebook spamming module, which would hijack the user's account by stealing cookies from their browser in order to gain access to the victim's Facebook friend list, so that it could send further spam messages to each friend with a zipped file containing malware.


The Lecpetex botnet infected computers with a variety of malware families, including the DarkComet remote access trojan, through simple social engineering techniques, and the operators behind it were constantly modifying it in order to evade detection, both by Facebook's attachment scanning software and by anti-virus software.
Security researchers at Menlo Park said the 31- and 27-year-old botnet creators delivered over twenty distinct spam campaigns, affecting users in Greece, Poland, Norway, India, Portugal, and the US. The malware did not target Facebook alone; it was also delivered through torrent files containing pirated content like movies, games, and MP3s to trick unwitting downloaders, although this was not observed by Facebook bods.
"On April 30, 2014, we escalated the Lecpetex case to the crime Subdivision of the Greek Police, and the agency straight off showed robust interest in the case," Facebook engineers wrote in an unauthored post.

After 5 months of investigation, the irritated botnet creators began leaving messages for Facebook engineers on their command and control servers, saying:
"Hello, individuals.. :) however, am not the f***ing Zeus larva/Skynet bot or no matter piece of sh*t. no fraud here. solely a little of mining. Stop breaking my ballz.."

They also changed their crypto keys to the phrase 'IdontLikeLecpetexName'.
But Facebook didn't stop its investigation and continued to target the botnet with new countermeasures and automated tools in order to extract more information from the botnet and trace its creators. Finally, the Greek Police arrested two hackers last week, a 31-year-old and a 27-year-old who were both science students.

"According to the Greek Police, the authors were in the process of creating a Bitcoin 'mixing' service to help launder purloined Bitcoins at the time of their arrest," said Facebook. "Ultimately, remediating a threat like Lecpetex needs a mix of technical analysis capabilities, business collaboration, nimbleness in deploying new countermeasures, and enforcement cooperation."
The Greek press says that the Lecpetex operation is the biggest case ever handled by Greece's Cyber Crime Unit.
