New Malware Poses as Facebook Update

Facebook's constant site improvement has recently attracted a lot more cybercriminals to take advantage of and exploit the social networking site for malicious intent.

As of December 5, 2010, Facebook introduced some improvements on its profile pages. These enhancements asserts to ease user’s navigation to share stories and knowledge about their friends. The new profile page also contains a quick summary of user's information that can be viewed in top of the page.

Two days after the new profile rollout, spammed messages allegedly coming from Facebook were found informing its recipient to download a Facebook toolbar, purportedly intended to make it easier for users to share and connect with friends. The spammer even used the Facebook template to make their email seem legitimate. It contains a 'Download Here' button that redirects to a website that automatically downloads an EXE file, fb.exe.

Mail samples were already detected using AS Full Pattern 7816 official AU released, December 7, 2010 10:50PM (GMT 8).
 SPAM BLOCKING DATE / TIME: December 07, 2010 GMT-8
  • ENGINE:6.5
  • PATTERN:7816