Trojan attacks Yahoo! and Facebook instant message users

The latest malware targeting Yahoo! and Facebook instant messaging services has affected over 1,000 systems in a number of countries – the UK included – in the last few weeks.

The ‘Gen:Variant.Downloader.167′ Trojan was  recognised by researchers based at security company Bitdefender. It tricks users of Yahoo! Messenger and Facebook instant messaging into believing its payload is a question from a friend, so that the user proceeds to download it.

Catalin Cosoi, the chief security strategist for Bitdefender, said that the Trojan intrigues people by posing a polite question. The malware makes the users feel safe by offering a web link to Fileswap, Dropbox or other storage devices related to the question.

The Trojan is capable of many things, such as storing user details or downloading further malware. Once it has gained access to the user’s system, it is able to access their contact list and infect their friends.

Thus far, Bitdefender has managed to block the malware from infecting more than 1,300 systems mainly in Japan, Canada, Germany and Romania, as well as some in the United Kingdom and elsewhere.

Should employees use instant messaging at work and fall foul of the Trojan, it could cause havoc, with contact lists being professional rather than personal. One option for bosses is to discourage use of such services, but it is also advisable to have a security expert in-house to deal with such threats. Some companies may wish to post information security contract jobs and hire someone on a trial basis. Whether temporary or permanent, these companies would become more secure, at least in the short term.