Facebook Users Targeted in Massive Spam Run (PC World)

Facebook's 400 meg users hit been targeted by a email separate that could foul their computers with vindictive cipher fashioned to steals passwords and another data, according to section researchers at McAfee.

Over the terminal digit days, jillions of messages hit been sent, which McAfee perceived finished customers streaming the company's section software, said Dave Marcus, McAfee's administrator of section investigate and communication.

The messages materialize to embellish from Facebook, with a convey come that looks lawful but has been spoofed, much as "help@facebook.com," Marcus said.

The messages feature that the user's Facebook countersign has been set and the individual should download an adhesion that contains the newborn password. The English-language messages are grammatically correct, but include an mismatched sign-off: "Thanks, Your Facebook." McAfee has included a screenshot on its blog.

The adhesion is actually a Dardanian equid program, which infects a machine without some circumpolar signs. Marcus said the email separate contained a difference of malware programs, including countersign stealers, rapscallion antivirus programs or botnet code.

No Web place would automatically set someone's countersign and beam the newborn digit in an e-mail, Marcus said. Facebook's broad sort of users makes it a maturity direct for spammers and hackers.

"There's a Brobdingnagian individual bet to go after," Marcus said.

Although it's uncharted how some grouping haw hit been unknowingly duped, "I'd adopt a aggregation of grouping would start for something same that," Marcus said.

The email is believed to hit been dispatched from botnets titled Cutwail and Rustock. Botnets are groups of computers that are dominated by hackers and ofttimes utilised for vindictive state much as sending email or conducting denial-of-service attacks against Web sites.

Security analysts hit been experimenting with assorted structure to closed downbound botnets. Over the terminal some weeks, digit botnets titled Mariposa and Waledac were closed downbound after section experts were healthy to pirate the command-and-control servers utilised to transmit with pussy computers.

But botnets hit embellish more and more worldly and harder to combat. Many machine users don't modify undergo their computers are infected, and the botnet cipher is engineered to refrain spotting by antivirus programs.