Trend Micro Security

Fake Facebook Friend Notification Leads to Malware

 解析者: Jona Ross Pereira

Trend Micro engineers spotted a spammed fake Facebook friend notification that leads to malware. The message uses URL cloaking technique, in which the URL redirects to a malicious website and downloads a malicious file to the system, which then exploits Adobe Acrobat. The downloaded file is detected as JAVA_AGENT.PEJ. The said malware downloads and executes another malware detected as TSPY_ZBOT.PEJ.



Trend Micro products blocks the URL and detects and prevents execution of the malware dropped/downloaded on the affected system. Users should go directly to their Facebook accounts to check and confirm friend requests.

 スパムブロック日時 : 2012年4月26日 23:07:00 GMT-8
 TMASE
  • TMASEエンジン:6.8
  • TMASEパターンバージョン:8868