Facebook Password Reset turns out to be Malware

Email malware is really getting trendy again. Now the malware authors are using another social engineering scam: the spam mails claim that the password for the recipient's Facebook account has been reset. To get the new password, the recipient is urged to open the attached ZIP file, which in turn contains the malicious .exe file.

Fig. 1: This fake email is trying to make the recipient execute the attached malware.

Such emails were already successful a few years ago. I thought we wouldn’t see them again, as people should already know not to execute attachments from emails they didn’t request. Anyhow, the recent spam waves teach us something else.

So please, remember the drill: if someone sends you an email with an attachment, make sure that the sender is real and that he/she really wanted to send you that file. Otherwise it is most likely malware. In any case, keep your antivirus software up to date so it can detect new malware.

Avira products detect the attached malware from that spam wave as TR/Dldr.Bredolab.AX with the vdf update to version 7.01.06.155.

Dirk Knop
Technical Editor