Acer Iconia Tab 7
Sony Xperia C3
Dell UltraSharp UP3214Q
Harman Kardon Aura
Airtel 3G Wi-Fi Dongle
Xiaomi Redmi 1S
Asus Zenfone 6
Asus Zenfone 5
HTC One (M8)
Advantages of buying an Android One device
Android One: Important developments around Google's big launch today
Galaxy Note 4 vs iPhone 6 vs One (M8) vs Xperia Z3: Specs shoot-out!
MyUniverse App: The smart way to manage finances
Interview: AskmeBazaar bets on sellers and bazaar model for growth
How tech is taking football to the next level
Classic FPS games are a dying breed
Slowly gathering steam...
The obsession within
Carmick Shift: Can John Carmack and Oculus Rift change the world?
Chrome for Android to answer your queries in search suggestions
Microsoft to preview next version of Windows on September 30
Panasonic's new camera phone has 1-in sensor and Leica lens
Samsung Galaxy Grand Prime 'selfie' phone leaks
Govt requests for user data rise by 150% in 5 years: Google
Moto G 2nd gen launched, available from midnight at Rs. 12,999
Xiaomi goes for the kill, prices Redmi 1S at Rs. 5,999 in India
Xiaomi lists Mi3 cases and power-banks on Flipkart, offers 10,400 mAh powerbank for Rs. 999
Moto G2 expected to be announced on 10 September
Motorola Moto X (Gen 2) smartphone, Moto 360 smartwatch announced for India
Karbonn Sparkle V
Spice Android One Dream UNO Mi-498
Micromax Canvas A1
Sony Xperia E3 Dual
LG L Bello
Tutorial: How to implement H.265/HEVC for Intel Atom Based Android Platforms
How to use Native Library Compression SDK for Android apps
How to use Intel Cilk Plus to speed up your Android application
How to get started with OpenCL on Android OS
How to implement Gesture Sequences in Unity 3D game engine via TouchScript framework
How to Develop an Intelligent Autonomous Drone using an Android Smartphone
How to choose the right engine for your x86-based Android game
How to create sample codes for Video 3D on Android
Android One Launch - Spice Dream Uno
Android One Launch - Karbonn Sparkle V
Sony Xperia C3 Review - Performance
Micromax Canvas Nitro A310 - First Impressions
Sony Xperia C3 Review - Build & Design
Hands on: Android One phones from Micromax and Karbonn
7 news stories that you may have missed this week
IDF 2014 Snapshot: Intel's key announcements and focus areas
5 quick ways to speed up your laptop's gaming performance
Best camera phones under Rs. 15K
Register for the Digit.in Reward Program
How to earn points?
The Trojan collected information on credit card details linked to the Facebook account and popular Zynga Poker player stats.
ESET claims in 2012 it had uncovered a Trojan malware that steals login details of Facebook users, called PokerAgent. The Trojan botnet also collected associated credit card information. Check out the security research firm’s full report, below:
ESET, the leader in proactive protection against Internet threats, discovered the ‘PokerAgent’ botnet that was designed to harvest Facebook log-on credentials, collecting information on credit card details linked to the Facebook account and popular Zynga Poker player stats, presumably with the intention to mug the victims. The Trojan managed to steal the login credentials of more than 16,000 Facebook users in 2012.
ESET Security Research Lab has discovered an attention-grabbing Trojan horse about a year ago. ESET has been detecting the different variants of the Trojan generically as MSIL/Agent.NKY. The malware focused on stealing personal Facebook (FB) login details and linking these with the user statistics of Texas HoldEm Poker, a very popular FB application by Zynga Inc., in case the victim plays this game.
According to data from ESET LiveGrid, a cloud powered real-time protection scanner, precisely 99% of all detections of Trojan were coming from Israel. ESET has contacted Israeli CERT (Computer Emergency Response Team) as well as Israeli police in early 2012. During the investigation ESET could not provide any details about this threat publicly and presently this threat has been deactivated.
Zynga Poker is a famous app available on all popular platforms: Zynga.com, iPhone, Facebook, iPad, Android. According to AppData, the application has a monthly share of 35 million active users. Zynga Poker on Facebook is considered to be the most popular online poker platform in India. While analyzing this botnet ESET estimates that the attacker could gain access to a total of 16,194 login credentials.
What was the actual scenario of the attack?The attacker used the Trojan to gain the user’s FB login credentials, his/her score in Texas HoldEm Poker game, as well as information on the amount of credit cards stored in his/her Facebook settings and available to increase the credit in the game of poker.
The game had a functionality that allowed replenishing the chip value using real money by inputting the credit card details or PayPal account. To gain the user’s login credentials, an army of 800 of computers were used – all infected and controlled by the attacker. These machines were executing commands from the C&C (Command&Control) server. The creator of the threat has launched an attack using the login credentials of several FB accounts, which were gained ahead of time.
The infected computers received a command to login into the user’s FB accounts and to gain the user’s Texas HoldEm score, as well as the amount of credit cards stored in his/her FB account. In case of a user w/o a credit card or low score, the infected computer received instructions to infect the victim’s FB profile with a link to a phishing site. This site has acted to directly or indirectly lure the player’s FB friends to a website resembling the FB homepage. In case the login credentials were input by them, they were also harvested by the attacker.
“Analyzing the attack flow, I can say users should be more careful and, initially, more educated. While noticing that Facebook login page is fake may not be possible all the times, especially if the bad guys had designed it well, storing your payment credentials, credit card or PayPal account details into any app on Facebook, smartphone or elsewhere can and should be avoided. Not only Texas HoldEm Poker, but any other Facebook application could have been infected in the same way”, says Pankaj Jain, Director at ESET India.
The number of threats utilizing Facebook is rapidly growing. To counter this trend, ESET has introduced a security application ESET Social Media Scannerwhich is available free of charge and is capable of scanning the user’s profile for the presence of malicious and phishing links. On top of that, the app can detect malicious links on the timeline of user’s Facebook friends.
Read more about ‘PokerAgent’ discovery in a dedicated blog post: http://blog.eset.com/2013/01/29/pokeragent-stealing-over-16000-facebook-credentials
ESET White Paper on ‘PokerAgent’ botnet available here: http://www.esetindia.com/.newsletters/pokeragent_WP.pdf