New password from Facebook? Beware widely spread malware attack


Malicious hackers have spammed out an attack that pretends to be an email from Facebook support saying that your password has been changed.

The messages, which have a variety of subject lines including "Facebook Service. A new password is sent you", "Facebook Support. Your password has been changed" and "Facebook Service. Your account is blocked", have a ZIP file attached which carries a Trojan horse.


Good afternoon.

A spam is sent from your Facebook account.
Your password has been changed for safety.

Information regarding your account and a new password is attached to the letter.
Read this information thoroughly and change the password to complicated one.

Thank you for your attention,
Facebook Service.

Sophos products detect the attached ZIP file as Mal/BredoZp-B, and the Trojan horse contained within as Troj/Agent-PLG.

It's possible that the attackers are attempting to exploit the problems many female Facebook users had this week when the social network disabled many accounts by accident.

Don't forget - you should always be extremely suspicious of any unsolicited email which arrives out of the blue, encouraging you to open an attachment.


5 Responses to New password from Facebook? Beware widely spread malware attack

  1. Clara Moir says:

    In reference to this post of Facebook "stating your password has been changed".
    At 1240pm this date I received a message through my AOL e-mail account that stated
    (showing it came from) donotreply, New Password Requested. I hit the "Spam" and did not open this. Could this be the same thing you posted about? Could this have been "cleaned up" after this was brought out in the open? Thank you for a response to this.

  2. agata W says:

    I have received an email saying it's from Facebook and requesting my personal info.... The message said I won 33 thousand dollars and must claim it for them to send me a cheque..

    Can you please let me know is this a spam?? I didn't send any info......

    regards
    agata

  3. anon says:

    I did open the mail but did not download the attachment & deleted the mail.
    Will I get infected?????

  4. Betty Rowe says:

    I forgot my password. How do I get a new one????


About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.