August 4, 2011 | Bratislava | Press Releases

ESET Warns Against Facebook-spread Trojan and Offers Security Tips

Social networks are not only a place for fun, chat and connecting with your friends, it is also a place where cyber-crime flourishes. Just a short time ago a new dangerous variant of a trojan detected by ESET as Win32/Delf.QCZ  started to spread via Facebook. The malware has the capability to  deactivate AV protection that is not up-to-date. A trojan horse is a type of malaware that pretends to be a useful program, but in fact is a malicious software with harmful aims. ESET security solutions effectively defect and remove this type of malware.

The Win32/Delf.QCZ  trojan is especially deceitful as it uses Facebook chat to spread. The incriminated message one receives starts with "Hi how are you" which is purportedly sent by one of  the user’s friend list, but in fact is  a bot communicating directly, even referring to the user himself  in conversation. Additionally, it carries a malicious video link that also mentions the user by name. The user is then prompted to install a Flash player which serves to  download the malware.

According to ESET ThreatSense.Net statistics, the Win32/Delf.QCZ  trojan has currently registered the highest infection ratio in countries of Central and Eastern Europe like Ukraine, Russia, Belarus, Slovakia, Czech Republic and Serbia/Montenegro and is spreading fast  to Middle East. The malware’s share in Israel ranks it in top 8 and already in the Asia-Pacific region Thailand and Malaysia are becoming affected.

 

Spreading of Win32/Delf.QCZ Facebook trojan across the world

Spreading of Win32/Delf.QCZ Facebook trojan across the world

 

“So how can one protect oneself against this dangerous trojan? First of all, communication with it on Facebook chat is out of the question as it is a computer bot. For non-English language countries, one tell-tale sign might be already that a friend is communicating in English. Second, the video link imitating YouTube looks suspicious as well,” says ESET Malware Researcher Robert Lipovsky. Antivirus software is ever important in this case if the user happens to click the link as it secures the PC against  anything that would otherwise take place after the infection gets through. The trojan can misuse its host for criminal activities and spread various other malware.

Based on social engineering strategies, malware developers are turning to social networks to spread malicious code. One recent example, the trojan called Koobface is an especially vicious form of infiltration. Its name is taken from the most popular social network. The Trojan’s main  aim initially was to get "noticed" by a way of using attractive messages that were shown in the social networks. The malware then created a botnet, a network of zombie PCs that can be remotely controlled by the attacker.

 

This is why ESET recommends several security tips when on social networks:

  • Always use updated and high-quality antivirus and security software.
  • Use caution whenever the conversation looks suspicious: for example when your native chat is not in English.
  • Refrain from clicking on suspicious links.
  • Adjust security and privacy settings on social networks and friend only people that you know from real life.
  • Many third party applications might be the work of cyber-criminals and fall in the unwanted spam category. You do not want to share your private details with these entities.

 


About ESET

Founded in 1992, ESET is a global provider of security solutions for businesses and consumers. The Company pioneered, and continues to lead, the industry in proactive threat detection. ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin "VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. ESET NOD32 Antivirus, ESET Smart Security and ESET Cybersecurity for Mac are trusted by millions of global users and are among the most recommended security solutions in the world.

The Company has global headquarters in Bratislava (Slovakia), with regional distribution headquarters in San Diego (U.S.), Buenos Aires (Argentina), and Singapore. ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Prague (Czech Republic), Krakow (Poland), Montreal (Canada), Moscow (Russia), and an extensive partner network in 180 countries.