
Fake Facebook Alerts Distribute ZeuS Trojan


tipo


Security researchers from Trend Micro warn of spam emails posing as security alerts from Facebook, which have a version of the ZeuS banking trojan attached.

The infected emails purport to come from “Secure Facebook” and have a subject of “To Facebook user. (#FIRST_DESCR).” The last part is probably the result of a poorly configured spam template.

The contained message claims the recipient’s IP address was used to log onto Facebook numerous times and send spam.

It instructs users to read detailed statistics about their Facebook connections which are allegedly attached to the email, along with a firewall program developed by Facebook.

Called “FB IPsecure,” the application claims to be able to block untrusted connections and prevent spam from being sent from the user’s IP.

The spam message is signed by one Facebook Secure Advisor Garri Moor, but fortunately, it is so badly formulated that it would be hard to fool any English speaker.

The attachment is called files.zip and contains an executable, which according to Trend Micro, is a variant of the ZeuS information stealing trojan.

“Given that malicious attachments are a favored way of spreading ZeuS variants, this isn’t really new. In terms of behavior, nothing separates this particular variant from others that are in the wild today,” Merianne Polintan, an anti-spam research engineer at Trend, explains.

ZeuS is one of the most popular trojans in the cyber criminal world. It is commonly used by fraudsters to steal financial information, personal details, online credentials and other sensitive data.

Unlike other malware, ZeuS is not controlled by any particular gang. Instead, it is being sold on the black market as a crimeware toolkit, which makes it available to virtually anyone looking to engage in the activities it facilitates.

Because of this, the diversity of ZeuS samples in the wild at any given time is very high. And since the trojan also functions as a botnet client, there is also a high number of command and control servers.

link
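A mail-triage check for the traits reported in the post above (a leftover template variable in the subject, and a ZIP attachment holding an executable), as an added example that is not part of the original post or of Trend Micro's analysis. The placeholder pattern, the extension list, the sender address and the member name `report.exe` are assumptions made for the illustration; the sample message is constructed and contains only harmless text bytes.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Heuristic for unfilled spam-template variables such as "#FIRST_DESCR" (assumed pattern).
PLACEHOLDER = re.compile(r"#[A-Z][A-Z0-9_]{3,}")
# Extensions treated as directly runnable on Windows (assumed list, tune locally).
EXECUTABLE_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")


def triage(raw: bytes) -> list[str]:
    """Return the reasons a raw RFC 5322 message matches the lure's traits."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    if PLACEHOLDER.search(str(msg["Subject"] or "")):
        reasons.append("unfilled template placeholder in subject")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(".zip"):
            continue
        try:
            # Only the archive's file listing is read; nothing is extracted.
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                members = zf.namelist()
        except zipfile.BadZipFile:
            reasons.append(f"{name}: unreadable ZIP attachment")
            continue
        reasons += [f"{name}: contains executable {m}" for m in members
                    if m.lower().endswith(EXECUTABLE_EXT)]
    return reasons


def build_sample() -> bytes:
    """Constructed sample: harmless text bytes stored under an .exe name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.exe", b"not a real program")
    msg = EmailMessage()
    msg["From"] = "Secure Facebook <alerts@example.invalid>"
    msg["Subject"] = "To Facebook user. (#FIRST_DESCR)"
    msg.set_content("Constructed body text.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="files.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    print("\n".join(triage(build_sample())))
```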


I think someone keeps trying to hack my account.. I keep getting notifications about "We are sorry you have had trouble getting into your account.. blah blah blah.." type.. have gotten several and it's only been a week or so since I have been there.. I don't go to any links or anything.. I just delete them.. but has my curiosity up..



you could use bitdefender safego and/or norton safe web to check if your account is ok...

bitdefender

can't seem to find norton...



Well what I am thinking is that someone is trying to pose as me.. to change the password or hack into the account.. Reason for the weird messages that have nothing to do with any issues.. being there haven't been any.. It's suspicious..



Archived

This topic is now archived and is closed to further replies.
