While analyzing the Koobface trojan, I just made a interesting find. As mentioned in my post “Koobface – the social network trojan” from last year, Koobface uses social networks to spread itself. So let me ask you: What does a trojan need to spread itself on social networking sites? The answer is simple: A valid account. The cybercriminal has two possiblities to obtain valid accounts:
- Using some phishing tricks to steal credentials
- Creating fake accounts
There are two reasons why most cybercriminals are trying to phish the credentials from users of social networking sites instead of creating fake accounts by their own:
- Most of the time the register forms of the social networking sites are protected with a captcha
- At the moment, there is no reliable method to break captchas
As described in my post about Koobface last year, the Koobface trojan is able to “break” captchas (to be correct, the trojan isn’t able to break captchas rather then it servs the captchas to the infected bots where the captchas will be solved by the users). By using this technique, he is able to create hundreds of faked accounts on social networks (per minute!).
read more at : http://www.abuse.ch/?p=2268
No comments:
Post a Comment