Jump to content
begood

Demonstration of Facebook account credentials theft

Recommended Posts

Posted

When you use a computer other than your own, you have to be especially careful about what online accounts you access - particularly if the computer in question is in a library or an Internet cafe, where a lot of people can use it without raising suspicion and without having to give their personal information to do it.

A recent episode that a Sunbelt researcher was the protagonist of demonstrates how easily your Facebook account credentials can be stolen.

He was at his local library and noticed that one of the computers available for use had a flash drive sticking out of its ports. His curiosity aroused, he sat down and checked the contents of the drive and found an executable that sports an icon similar to the original Facebook logo and purports to be a "FaceBook Remote Viewer" that allows you to visit Facebook from school or work by avoiding firewalls.

When executed, the user is faced with this screen:

facebook-remote-fake.jpg

As the program loads, a website with a (grammatically flawed) description also loads in the background, as a way to defuse any skepticism that the user might have.

The program eventually asks the user to enter his or hers name, email and Facebook password, and seemingly proceeds with the log-in and loading process, but "fails" and shows the following screen:

facebook-remote-fake2.jpg

Of course, the firewall is not the problem - the program wasn't designed to allow you to access Facebook. It is a information-stealing Trojan that collects your credentials, which are now conveniently stored in a .txt file placed on the flash drive. The only thing left for the thief to do is to collect the drive and misuse the credentials.

Demonstration of Facebook account credentials theft

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...