It has become a predictable pattern – every time Facebook introduces some changes, malicious spammers start e-mail campaigns that try to take advantage of the news and lure users into downloading malware.
This latest spam run offers a “Facebook toolbar”. If the e-mail looks familiar, it is because it is identical to one used in a spam campaign more than half a year ago, when the offered file presented a veritable jumble of incongruous information.
This time, the “Download Here” button takes the victim to a website where an automatic download of a file called fb.exe is started. According to Trend Micro researchers, it contains several component files, among which is a backdoor Trojan that installs an IRC client on the infected machine.