Fake Facebook Email Infected With Trojan

Are you addicted to Facebook? Beware!

Because MX Lab, a security firm, detected a new variant of Bredolab Trojan horse attached to a fake ""Facebook Password Reset Confirmation"" email. Some users claim that the email comes from ""The Facebook Team"" where the sender's email address is displays as ""service@."" Unfortunately, the address and sender were disguised.

The said email is accompanied with an attachment named ""Facebook_Password_"", also includes the file Facebook_Password_"" and contains the new Facebook password of the user. When you run the file, it could cause destruction on your computer. According to MX Lab, Trojan horse Bredolab executes files from the Internet such as rogue anti-spyware. It is a malicious Malware that injects its own code into legitimate processes  and  to bypass firewalls. It also contains anti-sandbox code which allows Bredolab to quit by itself when an external program investigates its actions.

M86 Security, another security watchdog, said that Bredolab don't just sneak into the computer of the user but also downloads a bot called Pushdo. Pushdo will immediately start spamming out more Facebook password reset emails. Facebook explained that the email containing the virus is not coming from them. According to them, they will never send users a new password as attachment. They advised the users to immediately have their computers run a virus scan. Facebook users should be careful with a fake email disguising as a Facebook password reset email containing an attachment of the new password but in reality, contains a virus.

Facebook is one of the most popular social networking sites worldwide. With these fake and infected Facebook emails spreading around, users must be careful in opening and downloading malicious emails and attachments.