Facebook Virus Continues to Spread InfectionAccording to news published in early August 2008, security companies detected a computer worm propagating on Facebook via wall posts and claiming to contain a movie that requires the installation of a codec. The worm is now being detected in its varied versions every week. It appears that the virus is a modified version of a malware called Koobface, identified by Kaspersky Labs. It is a complicated worm but unsophisticated in execution. The worm uses the same tactic of social engineering in which poorly worded messages are sent to Facebook users depicting subject lines as "Hej!" or "Hi My Friend" and includes a link pointing to a video that pretends to depict the reader in some form. However, rather than downloading the video, the message says that the user's Flash Player has become obsolete; therefore, a fresh codec is required. But when a user clicks on the movie player or the profile information of the sender that actually consists of fake comments, an unwanted download starts. This download relates to a file called "codecsetup.exe" and till download, the virus' techniques are same as were used earlier. However, on opening the codec, a file is created called "fbtre9.exe", which is different from Koobface.A file that created the "mstre6.exe" file. It seems this is the only dissimilarity between the original and new versions of the worm (Koobface), and it is the twelfth time, when worm altered the manner of download. When the file runs first time on the system, it presents an error note and starts searching for ID cookies of users on Facebook. If it finds any cookie, the outcomes are repeated each time the computer reboots. According to Max Kelly, Security Head of Facebook, below 0.002% of users on Facebook has been infected; however, they are notified with suggestive steps to eliminate the malware. But the statement is incorrect so far as BetaNews is concerned. It deliberately installed the Koobface malware onto a virtual system and people were neither alerted nor informed with corrective measures. In any case, the message, which contained the virus, promptly disappeared after obtaining the required files, which has been attributed to either Facebook's diligent staff or users. Related article: Facebook Users Should be Careful of a Computer Virus ยป SPAMfighter News - 9/6/2008 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
