Instant messaging Trojan spreads through the UK
Posted on 27.05.2014
Hundreds of computer systems have been infected with the latest instant messaging Trojan. Bitdefender has spotted an increasing wave of infections in the past week in countries such as the UK, Germany, France, Denmark, Romania, the US and Canada.


“After gaining access to users’ contact lists, Gen:Variant.Downloader.167 distributes itself through Facebook’s instant messaging and Yahoo Messenger from one friend to another,” states Catalin Cosoi, Chief Security Strategist at Bitdefender. “Besides being wonderfully polite, the Trojan also uses biblical verses as decryption keys for its data.”

It starts when users receive a polite question from a Facebook or Yahoo Messenger friend whose system has been infected with the malware. “I want to post these pictures on Facebook, do you think it’s OK?,” the malicious messages read. To add legitimacy, the URLs following the question belong to storage services Dropbox and Fileswap, frequently used for sharing pictures and files.

The malware is then executed on the machine, where it creates a folder with a random name and an “.exe” extension. It also shows a message box during the installation process.

“This application is not compatible with the version of Windows you're running,” the message reads. “Check your computer's system information to see whether you need an x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher.” The downloader can restart and update itself.

In May 2013, a similar piece of malware infected thousands of Facebook users worldwide. The Dorkbot malware posed as a “jpg” image but was actually an executable file, capable of spying browser activities and stealing personal data. Another scam promised naked videos of Facebook friends but dropped a Trojan instead.





Spotlight

How to keep your contactless payments secure

Posted on 19 September 2014.  |  Fraudsters can pickpocket a victim’s financial data using low-cost electronics that can fit into a rucksack. Here are the top security threats you should be aware of if you’re using a RF-based card, along with our top safety tips to keep your payments secure.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //