• Koobface Wriggles Into Facebook, Again

    Koobface Wriggles Into Facebook, Again

    Techtree News Staff, Mar 04, 2009 1203 hrs IST

    Worm enters via a link that's sent to users from "a friend"

    mail share


Here is some more news adding up to the recent hiccups faced by the social networking site Facebook. This time around, the website has been hit by a new variant of the Koobface worm.

This worm enters via a link that's sent to users from "a friend", leading to a video. According to Rik Ferguson of the Trend Micro blog, "On the face of it, it is a very familiar looking spoofed version of YouTube, complete with bogus comments from 'viewers.' Once the user clicks on the Install button, it redirects to a download site for the file setup.exe, which is the new Koobface variant detected as WORM_KOOBFACE.AZ."






Analysis reveals that it's not just Facebook, other websites have been affected by this worm as well. These include hi5.com, myspace.com, tagged.com, bebo.com, friendster.com, and myyearbook.com, among others. According to Trend Micro, the worm connects to a site using the log-in details stored in the saved cookies and then searches for the infected user's friends, who would then receive a message containing a link through which the worm can infect their PC. The Koobface also sends and receives information from an infected machine, allowing hackers to execute commands on the affected machine.

This is not the first time Facebook has been affected by Koobface. It happened in December last year too. It was only a couple of days back that bogus emails were sent to users' contacts saying 'F a c e b o o k - closing down!!!'.


Image via: Trend Micro

Follow Techtree on Twitter

Related Links
Security lapse compromises Facebook privacy
Koobface Wriggles Into Facebook
Koobface Strikes Facebook, MySpace Again
Tag keywords
Koobface Facebook worm Koobface variant WORM_KOOBFACE.AZ F a c e b o o k - closing down YouTube Trend Micro



Discussion Board
(5) Comments
NLW
,Vienna, on Mar 08, 2009 01:08 AM
It is a shame that there are creeps out there writing viruses.....will they be terrorists when they grow up? They need to get a life!
Report abuse
Sue
,Iseman, on Mar 05, 2009 12:14 AM
I have also been infiltrated with spam after responding to Facebook Ads listed on the right side of the screen. Should have know it was bogus "free Macbook"
Report abuse
ahmed
,zagazig, on Mar 04, 2009 10:56 PM
by the name of GOD , I start my comment
Report abuse
Brooks Gibson
,Asheville, NC, on Mar 04, 2009 10:06 PM
When Facebook becomes a more reliable and trustworthy platform, I may be back. But the first thing I will look for on their homepage will be a link to "customer service", "technical support", or "contact us". The absence of such links, which allow users to articulate their individual problems (not a list of predetermined questions and answers), reflects poorly on the company
Report abuse
Aditya
,Bombay, on Mar 04, 2009 05:21 PM
people actually *downloaded* a "setup.exe" file and *installed* it?? just to watch some video??!!
Report abuse

Opinion Poll