Malware Watch: 'Spam is sent from your FaceBook account'; Spamvertised malicious photos

Summary: Malicious attackers are currently spamvertising two separate malware campaigns, enticing end users into downloading and executing malicious file attachments.


- Spam is sent from your FaceBook account

The first campaign is a variation of last week's campaign, 'Spamvertised "Facebook. Your password has been changed!" emails lead to malware', and once again impersonates Facebook in order to socially engineer end users.

Sample subject: Spam is sent from your FaceBook account

Sample message: Dear client, Spam is sent from your FaceBook account. Your password has been changed for safety. Information regarding your account and a new password is attached to the letter. Read this information thoroughly and change the password to complicated one. Please do not reply to this email, it's automatic mail notification! Thank you. FaceBook Service.

The malware is detected as Mal/BredoZp-B.

- I'm going to send you the Photos in

The second campaign relies on an out-of-the-blue photo notification, using password-protected .zip archives (DSC0173519.zip) that contain the DSC0173519.exe executable.

Not surprisingly, these campaigns and their related variations (Spamvertised Post Office Express Mail (USPS) emails lead to malware; Spamvertised DHL notifications lead to malware) are driving growth in ZIP file attachments, which vendors attribute to the intensifying campaigns of the Bredolab gang.

Users are advised to avoid interacting with malicious file attachments or links found in spam emails in general.
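For mail gateway operators, the second campaign's password-protected archive can still be triaged without the password, because ZIP encryption as commonly used protects member contents but leaves member names readable in the central directory. The check below is an added example, not code from the original article; the extension list and the function names `flag_zip_attachment` and `build_sample` are assumptions made for illustration, and the sample archive is constructed with harmless placeholder content.

```python
import io
import struct
import zipfile

# Extensions treated as directly executable on Windows
# (illustrative list chosen for this example, not taken from the article).
EXECUTABLE_EXTS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")
ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose flags


def flag_zip_attachment(data: bytes) -> list:
    """Return names of encrypted members with an executable extension.

    Only the central directory is read, so no password is required.
    """
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                encrypted = bool(info.flag_bits & ENCRYPTED_FLAG)
                if encrypted and info.filename.lower().endswith(EXECUTABLE_EXTS):
                    hits.append(info.filename)
    except zipfile.BadZipFile:
        pass  # not a ZIP archive: nothing to report
    return hits


def build_sample(name: str, encrypted: bool) -> bytes:
    """Build a constructed test archive holding harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(name, b"placeholder, not a real program")
    raw = bytearray(buf.getvalue())
    if encrypted:
        # Set the "encrypted" bit in the local header (flags at offset 6)
        # and in the central directory entry (flags at offset 8).
        for sig, off in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            pos = raw.find(sig) + off
            flags = struct.unpack_from("<H", raw, pos)[0]
            struct.pack_into("<H", raw, pos, flags | ENCRYPTED_FLAG)
    return bytes(raw)


if __name__ == "__main__":
    # Constructed sample named after the attachment described above.
    print(flag_zip_attachment(build_sample("DSC0173519.exe", True)))
```

An encrypted archive whose only member is an executable is a strong quarantine signal on its own, since content scanning cannot inspect the payload.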

Topics: Social Enterprise, Malware, Security

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community.
