Trojan.Bredolab is Making Yet Another Comeback.
October 27th, 2009
Security Response is aware of a new round of spam replacing old DHL and UPS themes in an attempt to spread Trojan.Bredolab.
Bredolab Delivers More Parcels and Cash
This time the email is masquerading as a notification from Facebook that the recipient’s password has been reset.
The message comes with a .zip file containing a malicious .exe file. Symantec detects the .exe files as Trojan.Bredolab.
This variant of Bredolab connects to a Russian domain and the infected machine is most likely becoming part of a Bredolab botnet.
Please keep your Symantec security product definition files up-to-date.