New trojan spreads via Facebook instant messaging and Yahoo Messenger

May 28, 2014

A new credential-stealing trojan is making the rounds and is spreading through Facebook and Yahoo's instant messaging features.

Researchers at Bitdefender discovered the malware and have indicated that a wave of infections has hit various countries including the UK, Germany, Denmark, France, Romania, Canada, and the U.S., according to a release by the anti-virus provider.

Dubbed Gen:Variant.Downloader.167, the malware surfaces as a message on Facebook instant messaging or Yahoo Messenger that politely asks “I want to post these pictures on Facebook, do you think it's OK?” The message is accompanied by a malicious Dropbox or Fileswap URL that, if selected, executes the malware and creates a folder with a random name and an “.exe” extension.

In addition to stealing usernames and passwords, attackers can have the trojan download additional malware through orders sent from command and control servers.
