Home > Technology & Telecom > Facebook password-reset spam is Bredolab botnet attack

Facebook password-reset spam is Bredolab botnet attack

October 29, 2009 Leave a comment Go to comments

Virus hunters are raising the alarm for a large-scale spam attack that uses fake Facebook password-reset messages to trick PC users into downloading a dangerous piece of malware.

The malicious executable is linked to the Bredolab botnet, which has been linked to massive spam runs and identity-theft related attacks.

Here’s a sample of the Facebook password-reset messages hitting e-mail inboxes this morning:

According to Websense, the address of the sender is spoofed to display “support@facebook.com,” a trick commonly used to trick targets into believing it’s a legitimate e-mail from the popular social network.

The messages contain a .zip file attachment with an .exe file that connects to two servers to download additional malicious files and joins the Bredolab botnet which means the attackers have full control of the PC, such as steal customer information, send spam emails. One of the servers is in the Netherlands and the other one in Kazakhstan.

Categories: Technology & Telecom
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: