Fake Facebook Friend Notification Leads to Malware | Trend Micro Threat Encyclopedia

Export page to PDF

Fake Facebook Friend Notification Leads to Malware

Spam Blocking Date/Time: 26 Apr 2012 11:07:00 PM GMT-8

Trend Micro engineers spotted a spammed fake Facebook friend notification that leads to malware. The message uses URL cloaking technique, in which the URL redirects to a malicious website and downloads a malicious file to the system, which then exploits Adobe Acrobat. The downloaded file is detected as JAVA_AGENT.PEJ. The said malware downloads and executes another malware detected as TSPY_ZBOT.PEJ.

Trend Micro products blocks the URL and detects and prevents execution of the malware dropped/downloaded on the affected system. Users should go directly to their Facebook accounts to check and confirm friend requests.

TMASE Engine: 6.8
TMASE Pattern: 8868

Analysis By: Jona Ross Pereira

Where to Buy Trend Micro Products

For Home

For Small Business

For Enterprise

Not in the United States?
Select the country/language of your choice:

Asia Pacific Region

Europe

The Americas

Not in the United States?
Select the country/language of your choice:

Asia/Pacific

Europe

America

See all Home Products Internet Security Products for 1-10 Computers

PC & Mac Protection

Mobile Devices

More Products

Online Safety @ Home

All Topics

Product Support

MORE IN FOR HOME

Popular Products

Security Solutions
What areas do you need to secure next?

Data Security Challenges
and the resources to address them

I want to:

Current Threat Activity

Research and Analysis

Awareness and Prevention

More in Security Intelligence

Our Story

Our Technology

More in Why Trend Micro

Home & Home Office

Go To:

Popular Products

More Support

Business

Go to:

Popular Products

Threat Encyclopedia