Spam Outbreak Masquerading as Facebook Notification, Discloses Sophos

Security researchers from Sophos the security company are cautioning Facebook members that they require being wary of a fresh spam campaign, which posing as being sent from the social networking website, is hitting their mailboxes.

The e-mail, after offering greetings to the recipient, informs that a friend of his/her has included one fresh photograph with him (or her) into the album. And since that friend has classified the recipient as one intimate pal, he/she is getting the current e-mail. The photograph is given inside a file within an attachment, the e-mail concludes.

Reportedly, the name of the file is "New_Photo_With_You_on_Facebook_PHOTOID[random].zip" with "random" being one auto-generated digit.

The malware, states Sophos that was foremost in spotting the spam outbreak, is Troj/Agent-XNN. With a size 61KB, the malicious program replicates itself onto "C:\Documents and Settings\All Users\svchost.exe" as well as resides on Windows registry pretending to be an updater of Sun Java. This is for making sure that the malware becomes active whenever the computer starts up.

Remarking about this new malware-laced junk e-mail assault, Senior Technology Consultant Graham Cluley at Sophos stated that certainly a lot of individuals who could get so fooled that they'd trust they were in a picture with their friend, and thereafter wished for viewing whether they looked unappealing, plump, or just gorgeous. Nakedsecurity.sophos.com published this in news dated August 28, 2012.

Apparently, because Facebook is so widely used, the social website has become the latest lure as also the switch-over technique by online crooks. Thus, it's imperative that end-users become increasingly wary about Facebook viruses since the latter are chanced to getting increasingly commonplace.

Moreover, following the above discussion, Sophos warns that, in general, people must not view attachments nor follow web-links in e-mails unless they're wholly sure that they recognize the senders.

Meanwhile, in a similar Facebook virus attack against otherwise protected PCs through photo notifications, during July 2012, Sophos detected that the spam mail at that time looked just like the usual photo notification except that the e-mail writer wrongly spelled "Faceboook" instead of "Facebook." Besides, the malware Sophos had identified too was different, since it was "Troj/JSRedir-HW."

Related article: Spam Scam Bags a Scottish Connection

» SPAMfighter News - 9/4/2012