ESET Press Center

ESET today has announced the detection of a dangerous new variant of the Win32/Delf.QCZ trojan that has started to spread via Facebook. The malware has the capability to deactivate AV protection that is not up-to-date. A trojan horse is a type of malaware that pretends to be a useful program, but in fact is malicious software with harmful intentions. ESET security solutions effectively detect and remove this type of malware.

The Win32/Delf.QCZ trojan is especially deceitful as it uses Facebook chat to spread. The incriminated message one receives starts with "Hi how are you" which is purportedly sent by someone from the user's friend list, but in fact is a bot communicating directly, even referring to the user himself in conversation. Additionally, it carries a malicious video link that also mentions the user by name. The user is then prompted to install a Flash player which serves to download the malware.

According to ESET ThreatSense.Net statistics, the Win32/Delf.QCZ trojan has currently registered the highest infection ratio in countries in Central and Eastern Europe like Ukraine, Russia, Belarus, Slovakia, Czech Republic and Serbia/Montenegro and is spreading fast toward the Middle East. The malware's share in Israel ranks it in the top 8 and computers in the Asia-Pacific region of Thailand and Malaysia are becoming affected as well.

Spreading of Win32/Delf.QCZ Facebook trojan across the world

"So how can one protect oneself against this dangerous trojan? First of all, communication with it on Facebook chat is out of the question as it is a computer bot. For non-English language countries, one tell-tale sign might be already that a friend is communicating in English. Second, the video link imitating YouTube looks suspicious as well," says ESET Malware Researcher Robert Lipovsky. Antivirus software is ever-important in this case if the user happens to click the link as it secures the PC against anything that would otherwise take place after the infection gets through. The trojan can misuse its host for criminal activities and spread various other malware.

Based on social engineering strategies, malware developers are turning to social networks to spread malicious code. One recent example, the trojan called Koobface, is an especially vicious form of infiltration. Its name is taken from the most popular social network. The Trojan's main aim initially was to get "noticed" by a way of using attractive messages that were shown via social networks. The malware then created a botnet, a network of zombie PCs that can be remotely controlled by the attacker.

This is why ESET recommends several security tips when on social networks:

·         Always use updated and high-quality antivirus and security software.

·         Use caution whenever the conversation looks suspicious: for example when your native chat is not in English.

·         Refrain from clicking on suspicious links.

·         Adjust security and privacy settings on social networks and friend only people that you know from real life.

·         Many third party applications might be the work of cybercriminals and fall in the unwanted spam category. You do not want to share your private details with these entities.

About ESET
ESET is on the forefront of security innovation, delivering trusted protection to make the Internet safer for businesses and consumers. IDC has recognized ESET as a top five corporate anti-malware vendor and one of the fastest growing companies in its category. Trusted by millions of users worldwide, ESET is one of the most recommended security solutions in the world. ESET NOD32 Antivirus consistently achieves the highest accolades in all types of comparative testing, and powers the virus and spyware detection in ESET Smart Security and ESET Cybersecurity for Mac. Sold in more than 180 countries, ESET's global headquarters is in Bratislava, Slovakia, with distribution headquarters for North America located in San Diego, California. ESET also has offices in Buenos Aires, Prague, Krakow and Singapore and is represented by an extensive global partner network. For more information, visit http://www.eset.com/ or call +1 (619) 876-5400.