Malware SpreadsThrough Facebook IP_secure


From: Secure Facebook
Subject: To Facebook user: {#FIRST_DESCR}.

Facebook remains to be one of the largest Internet social networking sites with millions of users signing in on a daily basis. Statistics show that the number of active Facebook users has now surpassed the 500 million mark and continues to grow. This is the primary reason that cybercriminals choose to exploit the social networking site for malicious intent

The recent spam samples about Facebook inform recipients that the user’s IP address is sending numerous numbers of spammed messages to different email addresses. A .ZIP file was also attached in the email containing the detailed statistics of IP logins and a suspicious small freeware program file FB_IPsecure.exe. This executable file which would supposedly lock untrusted connections and prevent the sending of spammed messages to other users. Below is a screenshot of the .ZIP file attached to the spammed message.

 SPAM BLOCKING DATE / TIME: November 30, 2010 GMT-8
 TMASE INFO
  • ENGINE:
  • PATTERN:7800