Facebook users are being targeted in a new Trojan attack designed to give hackers full control of a user’s computer, a security firm has warned.
Up to 90,000 instances of suspicious emails have been sent across the internet, with users advised to change their passwords and carefully monitor email attachments downloaded onto home computers.
The latest threat comes after Facebook has been subject to a number of phishing and denial of service attacks this year, with tech analysts attributing the attention to the site’s growing popularity.
Websense posted in a web alert that users should be well aware of the attack, which targets the website’s method used to reset passwords, and take special attention to suspicious emails containing attachments with an “.exe” file.
“This spam email attack is designed to play on the subject at the forefront of users’ minds: their password security,” security labs manager Carl Leonard said.
“Falling for this scam could lead to the unsuspecting user becoming part of a botnet. With the recent hack of web email accounts, users would feel more compelled to open an attachment that purports to hold their new password, as they’d be worried who changed it in the first place.”
Leonard said users can avoid potential threats by going directly to the “Facebook.com” address and changing passwords, rather than being directed through an email.
The Trojan, known as “Bredolab”, has been identified in over 90,000 emails by Websense. When opened, the “.exe” file contained in the email then connects to two servers in order to download malware and allow hackers access to a user’s computer.
Emails containing the virus use the “support@facebook.com” name in order to make the message appear more legitimate, a typical feature of phishing emails. It is also believed the hackers behind the attack are operating with servers based in the Netherlands and Kazakhstan.
Graham Cluley, Sophos senior technology consultant, confirmed the email’s existence in a blog post and warned users to be extremely careful when opening emails.
“The ‘from’ address has been forged, and the attached file is in fact a piece of malware. Sophos detects the malware as Troj/BredoZp-M or Mal/Bredo-A.”
“Don’t make life easy for the hackers hell-bent on infecting your computer, stealing your identity and emptying your bank account. Exercise caution when you receive unsolicited emails, and protect your computer with up-to-date security software.”
ABOUT THE AUTHOR
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.