Cheats are currently using Facebook to steal your money and convert them directly into Bitcoin.
Polish cheats are allegedly running a complicated scam including the hack profile on Facebook. Immediately after the hack, they plunder bank accounts and quickly transfer stolen funds to Bitcoin anonymous wallets.
BadCyber was discovered by an independent security team. What is particularly interesting is how complex and persistent the scammers' plan is.
Hackers initially use well-known techniques maliciousυ λογισμικού και ηλεκτρονικού “ψαρέματος” (phishing), για να υποκλέψουν τα διαπιστευτήρια σύνδεσης και να αποκτήσουν πρόσβαση σε λογαριασμούς του Facebook. Μόλις παραβιαστεί ένας accounts, the attackers start inspecting the user's chat history and target people the victim communicates with, as if they were the real users.
From the compromised account, the attackers start asking for small amounts of money to "top up" a large amount of money for some online purchase. Since Poland uses largely payment brokerage services that allow online purchases without credit cards, these requests are not at all unusual.
Once a contact has agreed to carry out the transaction, the attackers send a fake payment link that directs unsuspecting victims to carefully cloned websites of popular payment providers. There, the victim will be asked to complete the payment to enter a unique code he has received via SMS.
How;
Attackers, in addition to intercepting the unique password, continue and allow the payment to be completed through the counterfeit page, but without the victim knowing it, they have described the transaction as "a reliable transfer."
The BadCyber Security Team says that after that it takes about 15 minutes to empty the bank account and transfer all stolen money to anonymous Bitcoin wallets.
It is unknown at this time what he will do after leaving the post, but researchers believe that "several attempts" were made overnight.
According to the security team, what makes the scam particularly unpleasant is that scammers exchange money directly to Bitcoin. The fact and the complexity of the attack makes it very difficult to locate the fraudsters.
"It starts with Facebook, then moves to rogue sites that record victims' movements using socks ports on zombie machines located in the same area where the victim lives," the researchers said.
"Only professional detection teams with the right mechanisms can handle and detect these attacks properly."
Do not think, immediately activate authentication two factors on Facebook now and be very careful if a friend like to ask for help for a small online transaction.
