Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go
-->

Malware Writers Upgrade Koobface Botnet to Become More Resilient

According to security researchers at Trend Micro, people who created the social networking virus 'Koobface' have modified their botnet significantly so that it can better counter any attempt to its takedown.

Koobface, a PC virus, proliferates through the thefts of social-networking users' accounts from hijacked PCs. Its variants have scattered across Internet sites like Facebook, MySpace and of late, Twitter. Koobface, which began inflicting Twitter in July 2009, has proven extremely effective in infecting people using the site's micro-blogging service.

Trend Micro said - during the 3rd week of July 2009, the C&C (command-and-control) servers of Koobface botnet sent out a fresh instruction for the downloader component of the network. Accordingly, a host of Internet Protocol addresses was to be identified that would be used by the downloader element to supply proxies for recovering subsequent instructions as well as components.

Traditionally, the Koobface botnet had the downloader connected with the available C&C directly to take the server's instructions. But the recent instruction effectively changes the architecture of the Koobface botnet.

This modified and upgraded form of the Koobface setup enables the botnet to survive even if the whole lot of the C&C domains of the network is terminated provided the IP addresses, the Koobface-compromised PCs, host Koobface's revised instructions and components.

In the meantime, independent security researcher 'Dancho Danchev' has been monitoring the botnet generated by Koobface, and has been successful in persuading ISPs to shutdown its C&C servers.

His efforts have also drawn the attention of many in the industry, particularly the virus' writers, who have devised a scheme for strengthening its infrastructure.

Besides, security specialists at BitDefender caution that the virus is continuously proliferating on Twitter even though the site's staff has been trying to stop it. According to them, many users on Twitter do not check the links carefully before clicking on them, with some even lacking dependable and up-to-date anti-viruses on their systems.

During July 13-19, 2009, the Koobface infection rose 114%, 198% and 371% for Twitter users in the US, UK and France respectively.

Related article: Malware Authors Turn More Insidious

ยป SPAMfighter News - 17-08-2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next