Facebook users hit by botnet attack

Fake email contains 'Bredlab' Trojan downloader
Publish date:
Social count:
Fake email contains 'Bredlab' Trojan downloader

Nearly 750,000 Facebook users have received fake password reset messages, security researchers have found.

According to ComputerworldUK, a huge botnet attack has hit the social networking site, sending users messages claiming their passwords have been reset as a security measure.

The emails usually bear a subject line such as 'Facebook Password Reset Confirmation', and contain a .zip attachment that purports to contain a new password. The file contains a Trojan downloader which antivirus vendors have dubbed ‘Bredlab’ or ‘Bredolab’.

The downloader finds malware from hacker servers, including fake security products, and installs it on the PC.

Security software vendors including Symantec and Websense have warned Facebook users about the botnet attack. Shunichi Imano, a security researcher at Symantec, wrote in an official blog: "This variant of Bredolab connects to a Russian domain and the infected machine is most likely becoming part of a Bredolab botnet."

Cloudmark's abuse operations manager Jamie Tomasello told ComputerworldUK that the firm had detected thousands of the fake Facebook messages since Monday. "Our count continues to go up, and is at about 735,000 now," she said.