According to internet security firm ESET, a hacker programmed a Trojan virus named “Poker Agent botnet” to harvest login credentials of more than 16,000 users of Facebook’s Zynga Poker who were known depositors throughout 2012. The virus was programmed to log into the accounts and collect information on Zynga Poker stats and the number of payment methods saved in the account as well as the amount of credit cards stored in their Facebook account. This was done presumably with the intention to mug the victims. The threat was mostly active in Israel. 800 computers were infected, over 16194 Facebook credentials stolen.
The infected computer also received instructions to infect the victim’s profile with a link to a phishing site that lured the player’s friends to a website resembling the Facebook home page where login credentials were harvested again.
Róbert Lipovský, Eset security intelligence team lead, said: “To protect against attacks relying on social engineering methods, having a good security solution is not enough, users should be attentive to any such ploys. The user could recognise the fake Facebook login page if he/she would check the site’s URL.”