Facebook phishing attack contains Bredolab malware
Wednesday, October 28, 2009
Facebook users should be on the alert for a phishing attack that appears to come from Facebook itself for a password reset. Phony spam emails from the Bredolab botnet are tricking Facebook users into downloading a Trojan malware.
The cyber attackers are criminals with servers based in the Netherlands and Kazakhstan, according to Websense, the web security firm. The Facebook phishing attack comes from a botnet of hacked computers called Bredolab.
The sending address on the spam emails uses support@facebook.com "to make the messages believable to recipients," Websense reported. The emails have an attached file that, if opened and clicked, downloads the Trojan that takes over a victim's PC.
Facebook has come under increased scrutiny over the past year due to the steady stream of cyber attacks and phishing scams spreading across its expanding network.
The Facebook security team advises users to check their PCs for viruses using free antivirus scanners if they believe they have fallen victim to an attack. Facebook says users whose Facebook accounts are sending spam can change the domain name server of their PC using OpenDNS.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
