Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Backdoor IM Work Represents Latest Web 2.0 Threat

ESET : 18 February, 2011  (Technical Article)
ESET comments on the latest malware that is affecting users of social network sites and those who use instant messaging services such as Skype or MSN

Recently, Facebook users were exposed to a slew of worms, including Win32/Yimfoca.AA and Win32/Fbphotofake. Win32/Yimfoca.AA has even ranked in the ThreatSense.Net Top Ten in many European countries, including Austria, Italy, the Czech Republic and Slovakia, for the last few weeks.


According to Marek Polesensky, Malware Researcher at ESET, the Yimfoca worm uses Facebook chat to attack, while Fbphotofake is a social engineering worm which distributes itself and other malware through spam Facebook messages. Polesensky adds: “Yimfoca serves as a backdoor that can be controlled remotely and can also spread through other IM software like Skype, MSN or Yahoo Messenger.” Additionally, Yimfoca can also  download and run other malicious software posted online - including fake anti-virus software, change security settings or deactivate the Windows firewall. Fbphotofake worm foremostly distributes Facebook spam. Users are advised to be careful and not to open suspicious and unknown attachments, or click on dubious links.


Related to the recent malware attacks, David Harley, ESET Senior Research Fellow, has pointed out that Facebook messaging is increasingly exploited for Nigerian letter scams. “It is standard Advance Fee Fraud, with a little extra oomph in terms of emotional blackmail,” says Harley. He advises users to “always be sure about the identity of the sender and about the IM or Facebook message content.” Randy Abrams, Director of Technical Education at ESET North America notes that  “a part of the problem is that the Facebook culture is anti-security and that is a very tough obstacle for their security professionals.”


Latest Facebook threats:


• The Win32/Yimfoca.AA worm has been spreading for the last few months, reaching Top Ten in several European countries according to ThreatSense.Net.


• Fbphotofake distributes Facebook spam. In case of both worms be careful and do not open suspicious and unknown attachments, or click on dubious links.


• Nigerian letter scams are being spread via Facebook messages as well.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo