October 30, 2012Blog Staff By Blog Staff

Cybercriminals spamvertise millions of bogus Facebook notifications, serve malware

Recently, cybercriminals spamvertised yet another massive email campaign, impersonating the world’s most popular social network – Facebook.

It was similar to a previously profiled spam campaign imitating Facebook. However, in this case the cybercriminals behind it relied on attached malicious archives, compared to including exploits and malware serving links in the email.

More details:

Sample screenshot of the spamvertised email:

Detection rate for the malicious archive: MD5: 0938302fbf8f7db161e46c558660ae0b – detected by 34 out of 43 antivirus scanners as Trojan.Generic.KDV.753880; Trojan-Ransom.Win32.Gimemo.arsu. Upon execution, the sample opens a backdoor on the infected host, allowing the cybercriminals behind the campaign to gain full access to the affected host.

Webroot SecureAnywhere users are proactively protected from this threat.

If users feel they received a bogus email that may not be coming from Facebook, they can alert Facebook by forwarding the message to phish@fb.com. In addition, users can check to see if their account has been compromised by visiting www.facebook.com/hacked.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button

One Response to Cybercriminals spamvertise millions of bogus Facebook notifications, serve malware

  1. Pingback: Bogus Facebook ‘pending notifications’ themed emails serve client-side exploits and malware « Webroot Threat Blog – Internet Security Threat Updates from Around the World

Leave a Reply

Your email address will not be published. Required fields are marked *