Facebook password-reset spam is Bredolab botnet attack
Summary: Virus hunters are raising the alarm for a large-scale spam attack that uses fake Facebook password-reset messages to trick PC users into downloading a dangerous piece of malware.
The malicious executable is tied to the Bredolab botnet, which has been linked to massive spam runs and identity-theft-related attacks.
Here's a sample of the Facebook password-reset messages hitting e-mail inboxes this morning:
According to Websense, the address of the sender is spoofed to display "support@facebook.com," a tactic commonly used to trick targets into believing it's a legitimate e-mail from the popular social network.
The messages contain a .zip file attachment with an .exe file. The .exe connects to two servers to download additional malicious files and joins the Bredolab botnet, which means the attackers have full control of the PC and can, for example, steal customer information or send spam e-mails. One of the servers is in the Netherlands and the other one is in Kazakhstan.
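A mail-gateway style check for the two traits described above (a From address claiming facebook.com and a .zip attachment that holds an .exe), as an added example that is not from the article or from Websense. The sample message, its file names, the mailer.example domain and the extension list are constructed assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: extensions treated as directly executable on Windows.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com")


def build_sample(return_path="<bounce@mailer.example>", member="document.exe"):
    """Constructed test message; the attachment bytes are a harmless placeholder."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"placeholder bytes, not a real binary")
    msg = EmailMessage()
    msg["From"] = "Facebook <support@facebook.com>"
    msg["Return-Path"] = return_path
    msg["Subject"] = "Password reset"
    msg.set_content("See the attached file.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="attachment.zip")
    return msg.as_bytes()


def domain_of(header_value):
    """Lower-cased domain of the address in a header, or '' if there is none."""
    return parseaddr(str(header_value))[1].rpartition("@")[2].lower()


def analyze(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    shown, envelope = domain_of(msg.get("From", "")), domain_of(msg.get("Return-Path", ""))
    if shown and envelope and shown != envelope:
        findings.append(f"sender-mismatch:{shown}!={envelope}")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(".zip"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                hits = [m for m in zf.namelist() if m.lower().endswith(EXECUTABLE_EXTS)]
        except zipfile.BadZipFile:
            hits = ["<unreadable archive>"]
        findings.extend(f"exe-in-zip:{name}/{m}" for m in hits)
    return findings
```

A Return-Path mismatch on its own is a weak signal, because legitimate senders often use a separate bounce domain; a production filter would rely on SPF, DKIM and DMARC results for the sender check. The executable-inside-archive finding is the stronger of the two.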


Talkback
For heaven's sake ...
"...password-reset messages to trick PC users into downloading a dangerous piece of malware."
Does "PC" mean Windows? I'm guessing because I see the words "PC" and "malware" in the same sentence, oh, and your screenshot is Windows. Is that an accurate guess?
A mention of affected platform(s) would be appreciated by your readers. Let's not just tell half the story.
Thanks in advance for your reply
^o^
Affected platform?
re:Affected platform? Yes, Affected platform?
"The messages contain a .zip file attachment with an .exe file..."
Are you sure about that?
Thanks for your reply
^o^
Yes, I'm sure
I really wasn't ...
The question was about this article's malware specifically.
Thanks anyway.
^o^
Ah, I didn't realize
Windows is also immune to all the problems associated with WINE and Parallels as other OSs desperately try to give their users access to the Windows API. :)
You're building a strawman. No thx. n/t
And you are a troll
Says the troll.
RE: Troll vs. Troll
n0neXn0ne actually brought up a good point with his post, whether or
not it was intended to be a trolling attempt.
Yes, NZ, trojans do, in fact, have the ability to affect users of many
different platforms, depending on the platform that they were written
to attack. So, as far as that is concerned, you are correct.
However, in the case of this blog post, it is, indeed, a bit unspecific
about the particular platform that is affected. PC does, in fact, mean
personal computer, regardless of actual OS or platform, or whether or
not one company decides to brand the term PC as applying to
Windows-based machines in its commercials or not.
In the case of this article, I have to agree with n0neXn0ne, in that it
would have been more appropriate to specify that the trojan in
question does indeed affect only users of Windows based machines, if
only for the sake of assisting with people who may not be aware of the
differences in platforms when it comes to the actual OS and the ability
of malware to infect varying machines.
Granted, simply posting "PC" in general does have the added effect of
helping those who don't have a clue about any of this become more
conscious of ANY suspect mails that might come their way.
As for you, NZ, I have no choice but to compliment you on your
apparently rapidly growing ability to create a rather impressive
trackback tree based on your intentionally inflammatory comments -
I'm not so sure what the marketable points of such a niche skill-set
are, but surely, you can use that to create a career in the entertainment
industry somewhere. Or perhaps writing for a dictator in a third world
country. Or something. I wish you luck in your future herring
generating endeavours, good sir.
Would you care to provide evidence?
Who needs evidence?
anarchists/atheists/aliens!
His statement is right
http://en.wikipedia.org/wiki/Linux_malware
http://www.appleinsider.com/articles/09/01/26/two_new_trojan_horses_threaten_mac_software_pirates.html
"His statement is right"
actually it should read
All platforms are affected by User stupidity otherwise known as
human error or social engineering :-) as to Trojans
"Special skill may be needed for tricking the user to run the (trojan)
program in the first place."
Incorrect
and as n0neXn0ne pointed out this trojan is an exe which means it can
only work on Windows or maybe Wine.
All platforms? With a ".exe" file carrying the payload?
Name a PC OS that is immune to trojans
re: Name a PC OS that is immune to trojans
"This is gonna be good..."
^o^
Why does it need to be a cross-platform trojan?
Please report specific cases where it occurred