Adotic

AdBrite

Your Ad Here

Saturday, October 31, 2009

Fake Facebook e-mail contains Trojan

A new variant of the Bredolab Trojan horse is attached to a fake "Facebook Password Reset Confirmation" e-mail, security firm MX Labs is reporting.

MX Lab detected a new Bredolab variant masking itself as the “Facebook Password Reset Confirmation”. The From address in the email is shown as “The Facebook Team ” but the real SMTP from address is spoofed.

The attachment has the name Facebook_Password_4cf91.zip and includes the file Facebook_Password_4cf91.exe. the part between _ and .zip at the end is choosen randomly and contains letters and numbers.

The trojan is known as Trojan.Downloader.Bredolab.AZ (BitDefender), Bredolab.gen.a (McAfee) or W32/Obfuscated.D2!genr (Norman) and is only detected by 14 of the 41 AV engines at Virus Total.


The body of the email:

Hey vguysville ,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
The Facebook Team


Bredolab is a trojan horse that downloads and executes files from the Internet, such as rogue anti-spyware. To bypass firewalls, it injects its own code into legitimate processes svchost.exe and explorer.exe. Bredolab contains anti-sandbox code (the trojan might quit itself when an external program investigates its actions).

However, Facebook has said that such types of mails were not coming from the social network. The users have been advised to use the anti-malware software to heal the virus infection.
A Facebook spokesperson said, "This virus is being distributed through email, not on Facebook."


Source : MX Lab

Be careful what emails you open on your computer. Some emails that you get may contain virus', worms, adware, spyware or other malicious files. As soon as you open the email you will be infected. Infections by virus', worms, adware and spyware may go unnoticed, you may not even know you are infected.

What Can You Do To Protect Yourself?

lways have yourantivirus software running. There are several different antivirus softwares on the market that you can use. These are a must. You will get hit by a virus if you get email. Never browse the Internet or check your email without it.

Use an adware program to check your system at least once a month, more is possible. Most of them are free unless you want to monitor your system constantly like the antivirus software does, that costs a little more. I personally use Malwarebytes.It is a good free software.I Plannining to start Virus removal tools blog. Is It good?
Posted by wallpaper4u.blogspot.com at 7:24 PM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)