Christmas Greetings on Facebook Served with Infection
According to PandaLabs, Panda Security's research wing, a new Koobface variant, Koobface.GK, is making rounds over the popular social networking site Facebook.
Giving the details of the attack, Panda Security stated that when a user follows the malicious link posted on the Facebook users' wall, the bait directs him/her to a spurious embedded video player appearing as a Christmas greeting. As the users make attempts to click a link on the fake webpage or to play the video, Koobface.GK gets installed on their systems.
Once the computer installs this virus, users are presented with a captcha on their monitors which threatens them to reboot the systems within three minutes. However nothing such happens, but the worm makes the system inoperable. If one solves the captcha at the request of the worm, new Facebook accounts are created, which help the worm to spread further.
According to Luis Corrons, technical director, PandaLabs, many users have a misconception that it is secure to post their personal content on social networking websites like Facebook; consequently, the social networks have turned out to be the most vulnerable and preferred sources for the hackers to disseminate their malicious creations, as per the statement published by prnewswire.com on December 9, 2009.
Cisco's 2000 Annual Security Report also considers social networks as risky, and identifies around 3 Million computers have got affected by the Koobface worm.
PandaLabs recommends that while surfing social networking websites, Internet users must avoid clicking doubtful links from unreliable sources. Same rule goes for messages received via Facebook, other such websites and e-mails. It is must to check the target URL while clicking on links, and in case the URL is difficult to recognize, it's better to close the browser.
The firm also suggests that even if nothing suspicious is recognized on that page, and a user is requested to download or install something, he must not accept the request. The most important thing to remember is that in case a user downloads or installs an executable file, and if the system begins displaying messages, it is probably a malware invasion.
On a general note, it is recommended to ensure the protection of the computers from all sorts of malicious codes.
Related article: Christmas Spam Most For Aussies
» SPAMfighter News - 19-12-2009