Current Headline

Listen to Your Daily Tune's

Sunday, December 20, 2009

Koobface’ Virus Attacks Facebook

Koobface’ Virus

Koobface, an anagram of Facebook, is a computer worm that targets the users of the social networking websites Facebook, MySpace, hi5, Bebo, Friendster and Twitter. Koobface ultimately attempts, upon successful infection, to gather sensitive information from the victims such as credit card numbers. It was first detected in December 2008 and a more potent version appeared in March 2009.

Name Koobface worm

W32/Koobfa-Gen Sophos
W32.Koobface.A Symantec
W32/Koobface.worm McAfee

Classification Unknown
Computer worm

Subtype Computer virus
Isolation December 2008

A worm responsible for sending Facebook users malicious code appears to be limited in nature, although the social engineering attack may be used again, say experts.
Facebook representative Barry Schnitt said the worm isn't new; it dates back to August, although the variant that first appeared on Wednesday targets only Facebook users.
Craig Schmugar, threat researcher for McAfee Avert Labs, confirmed this in a call with CNET News and said that, in general, Koobface strikes only social-networking sites.
After receiving a message in their Facebook in-box announcing, "You look funny in this new video" or something similar, recipients are then invited to click on a provided link. Once on the video site, a message says an update of Flash is needed before the video can be displayed. The viewer is prompted to open a file called flash_player.exe.

If the viewer approves the Flash installation, Koobface attempts to download a program called tinyproxy.exe. This loads a proxy server called Security Accounts Manager (SamSs) the next time the computer boots up. Koobface then listens to traffic on TCP port 9090 and proxies all outgoing HTTP traffic. For example, a search performed on Google, Yahoo, MSN, or may be hijacked to other, lesser-known search sites.
Schmugar said this version of Koobface includes a bot-like component that could install other malicious apps at a later time.

The virus watchdog blog for McAfee labs reports that Facebook is aware of the Koobface attack and is already working to remove the spammed links from its system. But with dozens of Koobface variants known to exist, McAfee warns that "the situation is likely to get worse before it gets better." 

In the mean time, the best way to avoid Koobface is to adhere to the tried and true rule of internet safety: never open unexpected e-mail attachments, videos or other links, even if they are from someone you know.

Check Video Here:-

Other Post to Read
2.Addicted to Facebook

No comments:

Post a Comment

Related Posts with Thumbnails

Xpert-Zone Blog Overview