Koobface Worm Attacks Facebook & Other Social Sites
According to security researchers at Trend Micro, the Koobface virus in a new version is spreading across Facebook to infect computers and steal users' log-in information and cookies. Furthermore, it is also spreading across other websites like MySpace.com, Bebo, Hi5Networks and MyYear.com.
The researchers further said that the Koobface variant sends messages to Facebook visitors saying they are from the user's friend. Moreover, these messages connect to a fake YouTube video. In a very effective social engineering trick, the landing page shows the name of the friend as well as his photo that has been extracted from his Facebook profile.
Thereafter, the page encourages the visitor to download a fresh version of Adobe Flash. But on doing that, the user is diverted to a site that downloads the setup.exe file, the latest variant of Koobface.
Trend Micro, which has identified this variant as WORM_KOOBFACE.AZ, says it runs on Windows NT, ME, XP, 98, 2000 and Server 2003. The worm transmits and accepts information from several servers to which it connects and allows remote hackers to execute commands to a hijacked system. The security company claimed that its researchers had observed over 300 distinct IP addresses that hosted the .exe file, as of March 1, 2009.
Furthermore, the Koobface virus first emerged in 2008, with different variants repeatedly attacking users of MySpace and Facebook. The security researchers state that these social networking websites are very effective in disseminating viruses globally.
Meanwhile, the Koobface.az attack isn't the only one against Facebook lately. Security companies noted that the website was target of two other scams in the end week of February 2009. The latest scam spammed messages to members saying that their friends had reported their names to Facebook for going against the site's 'terms of service.'
Hence, the security experts at Trend Micro ask users to remain cautious regarding the content they download from social networking sites, and also the information they put up on such sites as cyber criminals are always on the lookout for the same to exploit it against the users.
Related article: Koobface Worm Still Active on Facebook Through Hacked Accounts
» SPAMfighter News - 12-03-2009