Fake Facebook Phishing Email Leads to Asprox Malware
New malicious scam that is targeting Facebook user is now circulating and have been spotted by hoax-slayer. the email claims to be sourced from Facebook and inform user that the account password has been reset due to suspicious activities. obviously the email is just a spoofed message that include a malicious link.
The email have a link to compromised website that will download a zip file which contain exe that will install Asprox malware. Asprox is a malware that have a special way to propagate as when it infect a machine victim will start to scan and search for vulnerable website to make a SQL injection and insert an iFrame on the vulnerable website that will redirect user to the server that host the malware.
Screenshot for the spoofed email sourced hoax-slayer
If you receive a similar email make sure to ignore the message and move it to junk folder so your spam filter will update it definition.