Virus hunters are raising the alarm for a large-scale spam attack that uses fake Facebook password-reset messages to trick PC users into downloading a dangerous piece of malware. The malicious executable is linked to the Bredolab botnet, which has been linked to massive spam runs and identity-theft related attacks. The messages contain a.zip file with an.exe file that connects to two servers to download additional malicious files and joins the. The. attackers have full control of the. PC, such as steal customer. information, send spam emails, and send. spam emails.
Source: https://threatpost.com/facebook-password-reset-spam-botnet-attack-102709/72714/