“Spam from your Facebook account” messages contains trojan


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with tone of the following subjects: Spam from your account Spam from your Facebook account Your password has been changed The email is from "Facebook Abuse Department" containing a spoofed email address in the format ***@facebook.com, where the part before the @-sign … Continue reading “Spam from your Facebook account” messages contains trojan

“Facebook Support. Your password has been changed!” contains trojan


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject "Facebook Support. Your password has been changed! ID09687". Note that the number may change with each email. The email is send from the spoofed addresses: account@facebook.com manager@facebook.com The message has the following body: Dear user of FaceBook. Your password … Continue reading “Facebook Support. Your password has been changed!” contains trojan

“New Facebook password!” emails contains W32/Oficla.BC trojan


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject "New Facebook password!" The email is send from the spoofed address ""Facebook Manager, Loraine Nwabeke" <juliancb@facebook.com>" and has the following body: Dear user of facebook. Because of the measures taken to provide safety to our clients, your password has … Continue reading “New Facebook password!” emails contains W32/Oficla.BC trojan

New Bredolab variant target Facebook users


MX Lab intercepts a new Bredolab trojan variant masked as an email from Facebook sent from the spoofed email address The Facebook Team <change@facebook.com>. The subject of the message is "Facebook Password Reset Confirmation! Your Support." and the body of the email contains the following content: Dear user of facebook, Because of the measures taken to … Continue reading New Bredolab variant target Facebook users

Facebook updated account agreement email contains Sasfis trojan


Apparently, the virus campaigns are far from over. MX Lab reported on this blog regarding the latest virus campaign that would be an attempt to grow the Cutwail botnet by infecting new computer systems by launching new trojan variants every few days. MX Lab now intercepts a new Facebook virus campaign from the spoofed address <automailer+gtevzolc@facebook.com> … Continue reading Facebook updated account agreement email contains Sasfis trojan

Bredolab masked as Facebook Password Reset Confirmation


MX Lab detected a new Bredolab variant masking itself as the "Facebook Password Reset Confirmation". The From address in the email is shown as "The Facebook Team <service@facebook.com>" but the real SMTP from address is spoofed. The attachment has the name Facebook_Password_4cf91.zip and includes the file Facebook_Password_4cf91.exe. the part between _ and .zip at the … Continue reading Bredolab masked as Facebook Password Reset Confirmation