The “Facebook PokerAgent”

A session at CONFidence 2013

Tuesday 28th May, 2013

4:50pm to 5:40pm (WMT)

In March 2012 we have been tracking a botnet, which was used by the perpetrator to harvest Facebook log-on credentials. In addition to expanding the database of stolen Facebook user names and passwords, the bots were being instructed to ascertain the number of credit cards linked to the Facebook accounts and Zynga Poker player stats of the victimized users. The threat was mostly active in Israel.

With Facebook being such a hot topic, this would constitute an interesting phishing threat just due to the aforementioned characteristics, but the matter gained more seriousness when we discovered that the bot master had managed to acquire over 16000 Facebook credentials through his operation, as our botnet monitoring had revealed.

The presentation begins with an overview of the threat and the technical details of the used trojan horse. Afterwards, we will describe the process of monitoring the botnet and present the highlights of the following investigation.

About the speaker

This person is speaking at this event.
Robert Lipovsky

Malware Researcher / Security Intelligence Team Lead at ESET bio from Twitter

Sign in to add slides, notes or videos to this session

CONFidence 2013

Poland Poland, Krakow

28th29th May 2013

Tell your friends!


Time 4:50pm5:40pm WMT

Date Tue 28th May 2013

Short URL


Official session page


View the schedule


See something wrong?

Report an issue with this session