Facebook changes your password on purpose?
Users targeted in the latest email scam – only to receive dropped malware
SYDNEY & AUCKLAND – March 19, 2010 – Facebook users have been caught up in a Trojan-spreading scheme this week: in the form of e-mails notifying Facebook users that the passwords to their accounts have been changed due to security reasons. The recipients of this fake notification are prompted to open an attached .zip file in order to find out their new allocated password.
Instead of a new password, the zip file hides Trojan.Dropper.Oficla.G. As its name suggests, this piece of malware contains malicious or potentially unwanted software which it ‘drops’ and installs on the system. Frequently, the dropper installs a backdoor which allows remote, covert access to the infected system. This backdoor may then be used by cybercriminals to upload and install additional malicious or potentially unwanted software on the system.
According to the BitDefender Monitoring Systems the distribution of the spam messages carrying this piece of malware started on the evening of March 17th, 2010. Since then, spam ‘waves’ have reached significant proportions, in some cases more than 200 spam messages being sent out in 30 minutes.
Moreover, the infection rates reflected by the BitDefender Real-Time Virus Reporting System indicate the beginning of a massive spreading of Trojan.Dropper.Oficla.G. Although this phenomenon has just begun, it seems that it’s just a matter of time before the cybercriminals have control of a huge number of systems.
Infection rates are expected to boom because the social engineering behind this mechanism proves to be efficient. Facebook is a highly popular social network and accessing it for discussions or for its popular applications has become a daily habit for very many people. No matter why people access the social network, the e-mail informing them about the alleged password change is likely to drive them towards the same result: open the file to take a look inside and ultimately… get infected.
In order to stay safe, BitDefender recommends you never open attachments coming from unknown contacts. They also suggest people install and update a complete antimalware software solution.