This trojan claims to be something to do with a Facebook password reset, but it's a plain old EXE-in-ZIP trojan attack.Subject: Facebook Password Reset Confirmation.
From: "The Facebook Team" <service@facebook.com>
Hey fortunes ,
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.
Thanks, The Facebook Team
Attachments: Facebook_Password_6c6eb.zip
The Trojan is widely detected as a version of Bredolab. ThreatExpert report is here.
Remember, if you can block EXE-in-ZIP files at your mail gateway, it is well worth doing.
No comments:
Post a Comment