Worm Variants Target Facebook and MySpace Users

Kaspersky Lab, a major developer of management solutions for Internet threat, has spotted a pair of variants of a new computer virus. These are named Networm.Win32.Koobface.a and Networm.Win32.Koobface.b that attack MySpace and Facebook respectively. The worms' malicious payloads convert victim computers into zombies for botnets.

Meanwhile, according to the warning released by Kaspersky, viruses are crafted to upload extra malware that performs other functions. Also, there is a high possibility that the victim computers would not just be used to spread links via these social networks, but they would also be utilized to fulfill other malevolent purposes. It is important to note that these viruses are currently infecting only Facebook and MySpace users.

Thus, Networm.Win32.Koobface.a spreads infection when a computer user opens his MySpace account. The virus adds various commentaries to the user's friends' accounts. On the other hand, Networm.Win32.Koobface.b attacks Facebook users by crafting spam messages that are sent over to the user's buddies via the Facebook site.

Meanwhile, Kaspersky is sure that the worms' payloads suggest that the infected systems would be used to expand botnets in future.

Furthermore, the comments and messages include headlines like "Examiner Caught Downloading Grades from the Internet," "Paris Hilton Tosses Dwarf on the Street" among others.

They also contain links pointing to youtube.[skip].pl and if a user clicks on any of these links, he/she is led to a Website containing a video clip. But on trying to play it, a message asks the user to install the most recent version of Flash Player to enable him/her to view the clip.

However, in place of the latest version of Flash Player, an executable file called codesetup.exe is downloaded that is actually a network virus. The outcome is that those users who access the Website via Facebook would have the MySpace virus downloaded onto their systems and vice-versa.

Meanwhile, malicious hackers in general use counterfeit codecs along with video baits, but as it is normal to download Flash Player during surfing, users are likely to fall for the current social engineering trick claiming to provide Flash Player.

Related article: Worm Spreads With Random Subject Lines

» SPAMfighter News - 14-08-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial