Facebook DMs Facilitating Koobface to SpreadTrend Micro security researchers caution that a latest version of the notorious Koobface worm is circulating on Facebook through Direct Messages (DMs). The spam entices users towards a harmful site by informing them that someone has posted their video on YouTube. The company states that as common with these kinds of harmful attacks, the English used in the mail is extremely bad. The URL, is somewhat concealed- the first domain name the user sees is of Facebook. This is because the link does authentically go to Facebook first. Any URL with the pattern http://www.facebook.com/l/{random character};{ redirected URL} shows the Facebook preview page for external links. Reportedly, hackers have been betting that users will avoid the warnings and move on to their site. Just in case users click on the malevolent link, they are directed to a page showing an image imitating the YouTube player with a pop-up box asking for a Flash player update. Clicking anywhere on the image leads to the installation of a harmful executable website identified as WORM_KOOBFACE.IC by Trend Micro. Jonathan Leopando, Technical Communications Specialist at Trend Micro, states that this malevolent site is hosted on several IP addresses. All of them have a common payload. But like several earlier KOOBFACE variants, this is used to install malware on user's system. One of them- TROJ_JORIK.D downloads what seems to be a webserver on the user's computer, probably starting again the KOOBFACE infection chain, as per the statement published by softpedia.com on July 5, 2010. The security experts at Trend Micro state that Koobface is the head of all social networking worms, and in general, one of the longest-running computer worms. Koobface attacks the login details of the users for propagating by spamming all of user's social networking friends. The spam campaigns of the worm have complicated social engineering, often involving a special video codec lure or a Flash Player upgrade. Lastly, for avoiding such harmful campaigns, Trend Micro advises users to log out of Facebook whenever it is not being used as it will reduce the risk to their system. Related article: Facebook Users Should be Careful of a Computer Virus » SPAMfighter News - 7/14/2010 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
