Football Fan Pages Serve Up Bank Account-Draining Malware

Don't click those links and while you're at it, maybe STFU about the game.

The new NFL logo went into use at the 2008 draft.
(Photo credit: Wikipedia)

A virus is draining bank accounts on Facebook (META) — and NFL fan pages appear to be helping spread the malware.

Sign Up For Our Daily Newsletter

By clicking submit, you agree to our <a href="http://observermedia.com/terms">terms of service</a> and acknowledge we may use your information to send you emails, product samples, and promotions on this website and other properties. You can opt out anytime.

See all of our newsletters

The Trojan horse, called Zeus, has infected millions of computers, most of which are in the U.S., according to the New York Times. Zeus stays dormant until a victim logs into a bank site, then steals the passwords, accesses the victim’s account and has at it. It can even mimic the bank’s website and phish for Social Security numbers.

From the Times story:

“The Trojan, which was first detected in 2007, is only getting more active. According to researchers at the security firm Trend Micro, incidents of Zeus have risen steadily this year and peaked in May. Eric Feinberg, founder of the advocacy group Fans Against Kounterfeit Enterprise (FAKE), has noticed an uptick in Zeus-serving malicious links on popular N.F.L. Facebook fan pages such as one created by a group called ‘Bring the N.F.L. To Los Angeles.'”

That page’s posts switch between spam and the earnest postings of fans who are dying for a pro team to toss the ol’ pigskin in L.A.

After noticing the increase, Mr. Feinberg sent links to security lab Malloy Labs, which confirmed the links’ connection to Zeus. According to the Times, Malloy Labs also found that the malware was being hosted from computers linked to a Russian criminal gang known as Russian Business Network. They sound tough.

Mr. Feinberg says he told Facebook about the problem but that didn’t help much, so he recommends users scan their own devices with scans like this one until Facebook comes up with a solution.

Until then, continue to avoid Facebook campaigns regarding the NFL. Also, everyone should probably stop all the “YANKEEEEEEEEEEESES!!!1!” Facebook statuses, too. You know, to be safe.

Football Fan Pages Serve Up Bank Account-Draining Malware