Koobface Worm Still Active on Facebook Through Hacked Accounts
As per a security alert released by internet security firm, Websense, a computer worm Koobface that originally started spreading in July 2008 is still active, as reported by ZDnet on November 10, 2008.
The security e-mail reveals that user accounts after infection are manipulated to send messages to Facebook friends' addresses. This message is enticing and contains a link which uses a Facebook open redirector. When recipient opens the link, he is automatically diverted several times, finally landing on a spoofed YouTube site that delivers a malicious Trojan downloader.
Koobface worm depends mainly on already hijacked Facebook accounts for propagation. It uses hacked accounts as base for its social engineering campaigns and passwords acquired.
» SPAMfighter News - 24-11-2008