Análisis realizado por Michael Angelo Casayuran

Trend Micro researchers received samples of a spammed email message claiming to be an email notification from social networking site Facebook. Written in Spanish, the body of the message informs the readers that a private multimedia message has been received. Users can supposedly view the message by clicking on the icon provided. However, clicking the icon points to a website that prompts the download of an executable file named MMS_Facebook.exe. Trend Micro detects this as BKDR_IRCBOT.FBK.

Users should always be wary of mails such as these, even if they first appear to be legitimate and from trusted sources.

 Fecha/hora de bloqueo del spam: 27 de mayo de 2012 GMT-8
 TMASE
  • Motor TMASE:
  • Patrón TMASE: 8932