Comments on: Facebook updated account agreement email contains Sasfis trojan

By: Uptick in Trojan.Sasfis Emails « MadMark's Blog

Uptick in Trojan.Sasfis Emails « MadMark's Blog — Tue, 09 Mar 2010 00:42:20 +0000

[...] Uptick in Trojan.Sasfis Emails I am seeing an uptick in Trojans (specifically Sasfis) being posted to my “spammy” and personal accounts. Watch out for the classic “UPS Delivery” and “UPS Delivery Problem” mailings. This is the same malware that was tapping Facebook users back in November (http://blog.mxlab.eu/2009/11/07/facebook-updated-account-agreement-email-contains-sasfis-trojan/). [...]

By: nenad kalaji

nenad kalaji — Fri, 20 Nov 2009 13:46:17 +0000

nenad ima 36 godina

By: “Your mailbox has been deactivated” Spam Campaign Serving Crimeware | +Sign

Tue, 17 Nov 2009 21:46:34 +0000

[...] .com 021107d91129.bourgum .com Naturally, the campaign isn't an isolated incident, with previous "Facebook updated account agreement" themed ones, using the same phone back locations as the currently ongoing one. Related posts: Ongoing [...]

By: Carlos Felicio

Carlos Felicio — Tue, 17 Nov 2009 07:11:03 +0000

That’s why you should never open files from unknown sources…

By: Gossamer Web Design Lake Tahoe » Facebook Trojan Email

Gossamer Web Design Lake Tahoe » Facebook Trojan Email — Mon, 09 Nov 2009 17:52:30 +0000

[...] of a grammatical error, and the fact that the email address is not used with a Facebook account; a quick google foo reveals that the attachment provided, disguised as an update to your account agreement, is a trojan [...]

By: John Godfrey

John Godfrey — Sun, 08 Nov 2009 14:54:58 +0000

I have been infected by this virus in exactly the way described. I received 100s of spoof emails supposedly from Facebook and in a moment of weakness decided top open one. BitDEfender identified the virus but has not been able to disinfect or quarantine the file so has blocked the file: ifmq.kqo. At this stage I am uncertain of the implications of this. It is causing some problems logging into the internet.