Facebook Password Reset Confirmation Email Virus

by on March 25th, 2010

Click at the image above and see it in details. This is the email I received and my FaceBook account was recently hacked. I recovered it in few attempts (Genius). But here is a caution for everybody. FaceBook won’t email you attached files from [email protected] email address. So do not open attachments containing files with Facebook name in that or something like ‘Facebook_Password_3eb0e.zip‘ or ‘Facebook_Password.zip‘.

The title of the email can be “Facebook Password Reset Confirmation” or “Facebook Password Reset Confirmation! Customer Message!“. The reply-to address can be [email protected] or your own email address which is strange because whenever you get email from facebook, the domain is likely to be facebookmail.com.

The funny message contained the following body.

Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document.
Your Facebook.

Seriously the above message is funny. Here are the FaceBook Virus attachment file insight details:

Virus Total Results For Facebook Virus

Its a trojan. A FaceBook Trojan. Upon opening and running Facebook_Password_3eb0e.zip, it will call rogue anti spywares and will inject its own code in legitimate Windows processes like svchost.exe. And a lot of other things to infect the system fully.

And how did it manage to send it from my friend’s facebook account? Most probably, your friend’s account has been compromised. Facebook is aware of the situation and advises to change the password of your facebook account immediately if it has been sent from your account or if it is from your friend’s account, ask them to change their passwords immediately and scan their computers with an up to date antivirus.

According to FaceBook:

There’s another spoofed email going around that claims to be from Facebook and asks you to open an attachment to receive a new password. This email is fake. Delete it from your inbox, and warn your friends. Remember that Facebook will never send you a new password in an attachment.

For further reading about this issue, please follow:

FaceBook Security Advice
M86 Security

[ source for details ]

4 Reviews

  1. Hiroshi says:

    @Jonecia: Your Facebook account might have been hacked. You should contact FaceBook support.

  2. Jonecia says:

    I can get into my facebook its talk about go reset it and thats wat i did and its still not letting me in to my facebook.

  3. Anil says:

    my facebook has been hacked by someone………please help me………

  4. Cris says:

    Thanks for the information =) i get that message on my email xD