Microsoft Joins Facebook in Wiping out Koobface
With help from Microsoft, Facebook has taken giant leap forward in combating Koobface, a virus that has been creating chaos on the popular social networking websites for long time.
In the early days of April 2009, Microsoft, after discussing with the security team of Facebook, revised its free MSRT (Malicious Software Removal Tool) to spot and eliminate the Koobface group of malware.
Jeff Williams, Principal Group Manager, the Microsoft malware Protection Center, writes in a posting to a blog that ever since the center added the Koobface malware to the already MSRT detected group of over 100 malware families, it has been able to protect a large number of people from threat, as reported by PCMAGG on April 2, 2009.
Commenting on this point, computer security experts said when Koobface becomes active, it spams messages to the friends of a target user with captions like "Check out this video". Subsequently, the messages direct the recipients to a third party's site harboring malware. There is also a message for the site visitor to download a codec to watch the video. But the codec carries the malicious payload that when run on a Windows system gets activated to restart the entire infection cycle. The malicious program also adds a backdoor component to the compromised systems that allows remote hackers to download Trojan horses or other nasty programs.
Furthermore, Koobface spreads on MySpace and Facebook, the social networking websites, via messages that are socially engineered. When these messages pass from the infected user to his contacts, the recipients, trusting the source and the messages, click on the given links that eventually infect them as well or steal their account details.
Additionally, security experts stated the Koobface family includes other payloads besides the Koobface worm. These are various components with which other malware can be distributed, sensitive data stolen, pay-per-click ads generated, and CAPTCHAS broken. Hence, Microsoft is trying to unravel these components as well.
Besides, Koobface variants first emerged in August 2008. Other versions, some attacking Bebo and MySpace, also surfaced and are still spreading, while the latest one targeting Facebook has been prevalent in August, December and March.
Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails
» SPAMfighter News - 11-04-2009