Friday, October 30, 2009 3:33 PM cmosby

Trojan.Bredolab is Making Yet Another Comeback – Symantec Security Blogs

Trojan.Bredolab is Making Yet Another Comeback.

Shunichi Imano's picture
Shunichi Imano
October 27th, 2009
Filed under: , , , ,
Security Response is aware of a new round of spam replacing old DHL and UPS themes in an attempt to spread Trojan.Bredolab.

Taking a Closer Look at Trojan.Bredolab
Bredolab Delivers More Parcels and Cash
 

This time the email is masquerading as a notification from Facebook that the recipient’s password has been reset.

Facebook.PNG
 
The message comes with a .zip file containing a malicious .exe file. Symantec detects the .exe files as Trojan.Bredolab.

This variant of Bredolab connects to a Russian domain and the infected machine is most likely becoming part of a Bredolab botnet.
 
Filed under: , ,

Comments

No Comments