Facebook Password Spam Conceals Malware Attack

October 28, 2009 – 5:58 AM

Researchers at several security firms have tied the Bredolab Trojan to a spam campaign targeting Facebook users.

The malware is being blasted out by spammers in e-mails claiming to come from “The Facebook Team.” Inside the e-mails is a message that the recipient’s Facebook password has been changed. In order to get the new one, recipients are told to open the accompanying attachment containing the malware.

Researchers at Websense told eWEEK Oct. 27 that they have observed more than 350,000 of the messages. On the company’s blog, researchers explained that the malware connects to two servers to download additional malicious files. Among them is Pushdo, also known as Cutwail.

“One of the first things we saw this Trojan horse download was the Pushdo bot which began spamming out more of these Facebook password reset emails,” according to M86 Security.


You must be logged in to post a comment.