Monday, September 14, 2009

Koobface Virus

Recently there was a new virus so-called Koobface ,that attacks the social networking of facebook and myspace.

Koobface is worm type .W32/Koobface.worm spreads via Facebook and MySpace. Current variants only target either Facebook or MySpace specifically. The worm spreads by fooling users into downloading and running it from links sent via Facebook and MySpace users.

Below some information about koobface from wikipedia
Koobface, an anagram of Facebook, is a computer worm that targets the users of the social networking websites Facebook, MySpace, hi5, Bebo, Friendster and Twitter. Koobface ultimately attempts, upon successful infection, to gather sensitive information from the victims such as credit card numbers. It was first detected in December 2008 and a more potent version appeared in March 2009.

Koobface spreads by delivering Facebook messages to people who are 'friends' of a Facebook user whose computer has already been infected. The messages contain innocuous subject headers like "Paris Hilton Tosses Dwarf On The Street", "LOL", "My friend catched you on hidden cam", and "My home video :)", followed by a link. Upon receipt, the message directs the recipients to a third-party website, where they are prompted to download what is purported to be an update of the Adobe Flash player. If they download and execute the file, Koobface is able to infect their system. It can then commandeer the computer's search engine use and direct it to contaminated websites.

Among the components downloaded by Koobface are a DNS filter program that blocks access to well known security websites and a proxy tool that enables the attackers to abuse the infected PC.

Several variants of the worm have been identified:

* Net-Worm.Win32.Koobface.a, which attacks MySpace
* Net-Worm.Win32.Koobface.b, which attacks Facebook.
* WORM_KOOBFACE.DC, which attacks Twitter.
* W32/Koobfa-Gen, which attacks Facebook, MySpace, hi5, Bebo, Friendster, myYearbook, Tagged, Netlog, Badoo and fubar.

The Windows operating system is currently the only operating system affected by the worms.

The following just tips for you if your account has recently been used to send spam, please visit one of the online antivirus scanners and reset your password on Facebook.

No comments:

Post a Comment

Please leave your comments or your promotion links, but don't add HTML links into the comment body, because I consider it as a spam, and will be delete..

Thank you for your visit..