Malware can steal Facebook, Twitter and Gmail accounts

Researchers have discovered a new and complex malware variant, based on the famous Zeus bank trojan but not just stealing bank accounts.

Named Terdot, this banking trojan has been around since mid-2016 and was originally designed to carry out man-in-the-middle (MitM) attacks, steal credit card information and inject HTML code into web pages.

Recently, researchers at Bitdefender discovered a variant of this trojan that uses open-source SSL tools to gain access to social network and email accounts, and can even publish fake posts.

Its MitM proxy lets it interfere with the user's traffic. It can also update itself automatically, downloading and executing files.

A banking trojan that can also steal Facebook, Twitter and Gmail accounts

According to the latest analysis, Terdot can target social networks, including Facebook, Twitter, Google Plus and YouTube, and email services such as Gmail, Microsoft's live.com and Yahoo Mail.


[Image] Originally a banking trojan, the Terdot variant also steals social network accounts

Interestingly, this malware avoids taking data related to Russia's largest social network, VKontakte (vk.com), which suggests its authors are from Eastern Europe.

This banking trojan is spread mainly through compromised websites hosting the SunDown exploit kit, but it also arrives by email as an attachment with a fake PDF icon. When clicked, it runs JavaScript that downloads and executes the malware file. To avoid detection, it uses a dropper, injects code into other processes and loads itself in pieces.

Once it has infected a machine, it injects itself into the browser process to redirect web connections through its own proxy, where it reads the traffic and injects spyware. It steals credentials by inspecting the victim's requests or by injecting spyware JavaScript into the responses.

Terdot gets around TLS (Transport Layer Security) by creating its own CA (Certificate Authority) and issuing certificates for the domains the victim visits. Any information exchanged with a bank or social network can be read and modified by Terdot in real time, which also means it can spread itself through fake links on social networks.

You can read more about this trojan in Bitdefender's analysis: https://labs.bitdefender.com/2017/11/terdot-zeus-based-malware-strikes-back-with-a-blast-from-the-past/