Recent News - ESET Advises on Latest Facebook Malware


BRATISLAVA– February 16, 2011 – Recently, Facebook users were exposed to a slew of worms, including Win32/Yimfoca.AA and Win32/Fbphotofake. Win32/Yimfoca.AA has even ranked in the ThreatSense.Net Top Ten in many European countries, including Austria, Italy, the Czech Republic and Slovakia, for the last few weeks.

According to Marek Polesensky, Malware Researcher at ESET, the Yimfoca worm uses Facebook chat to attack, while Fbphotofake is a social engineering worm which distributes itself and other malware through spam Facebook messages. Polesensky adds: “Yimfoca serves as a backdoor that can be controlled remotely and can also spread through other IM software like Skype, MSN or Yahoo Messenger.” Additionally, Yimfoca can also download and run other malicious software posted online - including fake anti-virus software, change security settings or deactivate the Windows firewall. Fbphotofake worm foremostly distributes Facebook spam. Users are advised to be careful and not to open suspicious and unknown attachments, or click on dubious links.

Instant Messaging worm Win32/Yimfoca.AA

Facebook worm Win32/Fbphotofake

Related to the recent malware attacks, David Harley, ESET Senior Research Fellow, has pointed out that Facebook messaging is increasingly exploited for Nigerian letter scams. “It is standard Advance Fee Fraud, with a little extra oomph in terms of emotional blackmail,” says Harley. He advises users to “be always sure about the identity of the sender and about the IM or Facebook message content.” Randy Abrams, Director of Technical Education at ESET North America notes that “a part of the problem is that the Facebook culture is anti-security and that is a very tough obstacle for their security professionals.”

Latest Facebook threats:
• The Win32/Yimfoca.AA worm has been spreading for the last few months, reaching Top Ten in several European countries according to ThreatSense.Net.
• Fbphotofake distributes Facebook spam. In case of both worms be careful and do not open suspicious and unknown attachments, or click on dubious links.
• Nigerian letter scams are being spread via Facebook messages as well.
• Facebook Security updates and information can be found here

About ThreatSense.Net®
ThreatSense.Net® is ESET’s in-the-cloud malware collection system utilizing data from users of ESET solutions worldwide. This continual streaming of information provides ESET Virus Lab specialists with a real-time accurate snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors and patterns serves ESET to fine-tune all heuristic and signature updates ̶ to protect its users against tomorrow’s threats.

To download a free trial of ESET's award-winning security software, visit

About ESET
ESET develops software solutions that deliver instant, comprehensive protection against evolving computer security threats. ESET pioneered and continues to lead the industry in proactive threat detection. ESET NOD32 Antivirus, its flagship product, consistently achieves the highest accolades in all types of comparative testing and is the foundational product that builds out the ESET product line to include ESET Smart Security. ESET Smart Security is an integrated antivirus, antispyware, antispam and personal firewall solution that combines accuracy, speed and an extremely small system footprint to create the most effective security solution in the industry. Both products have an extremely efficient code base that eliminates the unnecessary large size found in some solutions. This means faster scanning that doesn’t slow down computers or networks. Sold in more than 160 countries, ESET has worldwide production headquarters in Bratislava, SK and worldwide distribution headquarters in San Diego, U.S. ESET also has offices in Bristol, U.K.; Buenos Aires, AR; Prague, CZ; and is globally represented by an extensive partner network. For more information, visit our local office at

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Version 2 Singapore Pte Ltd is the local office of Version 2 Limited.
For more information, please visit or call (65) 6296-4268.

Previous News Next News

Return to the previous page