New password-stealing virus targets Facebook

Author: 
REUTERS
Publication Date: 
Fri, 2010-03-19 13:53

The e-mails tell recipients that the passwords on their Facebook accounts have been reset, urging them to click on an attachment to obtain new login credentials, according to anti-virus software maker McAfee Inc.
If the attachment is opened, it downloads several types of malicious software, including a program that steals passwords, McAfee said on Wednesday.
Hackers have long targeted Facebook users, sending them tainted messages via the social networking company's own internal e-mail system. With this new attack, they are using regular Internet e-mail to spread their malicious software.
A Facebook spokesman said the company could not comment on the specific case, but pointed to a status update the company posted on its web site earlier on Wednesday warning users about the spoofed e-mail and advising users to delete the e-mail and to warn their friends.
McAfee estimates that hackers sent out tens of millions of spam across Europe, the United States and Asia since the campaign began on Tuesday.
Dave Marcus, McAfee's director of malware research and communications, said that he expects the hackers will succeed in infecting millions of computers.
"With Facebook as your lure, you potentially have 400 million people that can click on the attachment. If you get 10 percent success, that's 40 million," he said.
The e-mail's subject line says "Facebook password reset confirmation customer support," according to Marcus.

Taxonomy upgrade extras: