Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Security

December 7th, 2010, 09:58 GMT · By

Fake Google and Facebook Joint Prize Campaign Leads to Zbot

SHARE:

Adjust text size:


Spam emails claim Google and Facebook prize giveaway campaign
Enlarge picture
Security researchers warn that spam emails suggesting a joint prizes giveaway campaign from Google and Facebook eventually lead to a variant of the Zbot banking trojan.

The fake emails purport to come from “Google and Facebook team” and bear an uninspired subject of “From the Google and Facebook team.”

The contained message suggests that Google and Facebook, which have pretty much been at each other’s throats, have decided to put their differences aside and join together to give prizes away to users. The emails read:

Dear subscriber,

As you may know, the holidays are just around the corner, so all of us here at Google and Facebook decided to come together and bring you a new contest with lots of prizes, including, but not limited to, the new Google Chrome OS which will be released in January 2011, Nexus One smartphones, Google Maps GPS for your favourite mobile phone and lots more.

Think of it as our way of saying: ‘Thank you !’ for supporting our work all this time. For a chance to win, all you have to do is go to the attached page and follow the instructions.

Hope you enjoy,
Google & Facebook.

Ironically enough, two of the three mentioned prizes are actually free products to begin with and all of them are from Google. We are, therefore, unsure of what Facebook is supposed to bring to the table in this imagined campaign, except for its name as lure.

The attached file is called “Google & Facebook.html” and contains obfuscated JavaScript code. When opened inside a browser it redirects to a website that serves an exe file for download.

According to security researchers from BitDefender, this file is a trojan downloader written in .NET, meaning that it requires the .NET Framework installed on the targeted system in order to run.

The original dropper installs a secondary downloader, which distributes several information stealing trojans, including Zbot.

Users are advised never to download files they didn't explicitly asked for. They should also exercise increased caution when receiving email attachments, even when they appear to originate from trusted sources.

TELL US WHAT YOU THINK:

1,259 hits · 1 comment · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


Fake Facebook Alerts Distribute ZeuS Trojan
Infected Emails Pose as New Password Notifications from Facebook
New Worm Propagates via Fake Emails Allegedly Sent by Large Websites
Malware Pushers Abuse Gmail Invitation Template

READER COMMENTS:


Comment #1 by: Umar gurung on 09 Jul 2011, 08:50 UTC reply to this comment

we love facebook and google

Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use