



“The operators put significant effort into evading our attachment scanning services by creating many variations of the malformed zip files that would open properly in Windows, but would cause various scanning techniques to fail,” the team wrote.

Social Networking giants. On Tuesday Facebook threat team have posted that, Police in Greece had arrested two men last week, who are found in the connection with the spamming botnet called "", which Facebook have noted that theThe count of infected users are mainly from Greece, India, Poland, Norway, Portugal and some regions of U.S.The boot net was around from December 2013 and last month, affecting Facebook and other online services. Some of the victims received private messages containing a “.zip” attachment containing a Java JAR file or Visual Basic script.The spam botnet was spreading though Facebook message as like LoL Jar file malware attachment , and when users download and opened the attached file, it would execute an embedded Java archive file that would download Lecpetex main module and install a program to begin Litecoin mining secretly on the infected computer, and at the same time, other malware sent out from the botnet would steal bitcoins, email passwords and internet banking details.The Lecpetex botnet after executed, retrieve other malware modules stored on remote sites. The modules were either DarkComet, a widely used remote access tool that can harvest login credentials, or variants of software that mines the virtual currency Litecoin.When the authors of botnet knew that the Facebook team is tracing back them, they started leaving notes on command-and-control servers, and saying they weren't involved in fraud. Facebook team had reported the issue to the Greece Cyber Crime Team and Greece team have also shown their strong activeness on the case.With the depth effort of Facebook and help of Greece team, Greece police have arrested both authors of the Lecpetex botnet, a 31 years old and 27 years old.