Spamvertised 'Facebook. Your password has been changed!' emails lead to malware

Malicious attackers are currently spamvertising malicious attachments impersonating Facebook's Support Team. Upon execution the sample Mal/Zbot-AV drops additional malware.

Malicious attackers are currently spamvertising malicious attachments impersonating Facebook's Support Team. Upon execution the sample Mal/Zbot-AV drops additional malware.

Sample subjects: "Facebook. Your password has been changed! [NUMBER]" "Facebook. The new password to your account. [NUMBER]" "Facebook Support. Personal data has been changed! [NUMBER]"

Sample message: Dear user of FaceBook. Your password is not safe! To secure your account the password has been changed automatically. Attached document contains a new password to your account and detailed information about new security measures.

Thank you for attention, Administration of Facebook.

Users are advised to avoid interacting with suspicious attachments.

See also:

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All