Author Topic: Malware Alert: “Facebook Password Reset Confirmation"  (Read 925 times)

Offline Bugbatter

  • Microsoft® MVP
  • Administrator
  • Diamond Member
  • Posts: 9105
Malware Alert: “Facebook Password Reset Confirmation"
« on: October 27, 2009, 10:31:07 AM »

MX Lab detected a new Bredolab variant masking itself as the “Facebook Password Reset Confirmation”. The From address in the email is shown as “The Facebook Team <>” but the real SMTP from address is spoofed.

The attachment has the name and includes the file Facebook_Password_4cf91.exe. the part between _ and .zip at the end is choosen randomly and contains letters and numbers.

The trojan is known as Trojan.Downloader.Bredolab.AZ (BitDefender), Bredolab.gen.a (McAfee) or W32/Obfuscated.D2!genr (Norman) and is only detected by 14 of the 41 AV engines at Virus Total.

More here:

Microsoft MVP - Consumer Security

There are no replies to this topic. Do you want to be the first?