Koobface Variant Wreaks Havoc On Facebook

March 5, 2009 – 8:08 am

A new variant of the dangerous Koobface worm is wreaking havoc on Facebook. The current worm uses the same tactics of social engineering as the last one. Users are prompted to click on a link which takes them to a YouTube clone website where they’re told they need to download an Adobe Flash plug-in.

Of course the link to the “Plug-in” is fake. It will instead install malware on the user’s computer. Once it’s safely installed, the worm will merrily make its way through your contact list, doing the same thing to your friends. It’s easy to see why these worms spread so quickly using these tactics. It’s because they’re “social.”

What makes Koobface so pernicious is that the code can be easily modified, which could render the worm even more dangerous.

“It is able to download new instructions on the fly, so that if the author desires, they can sniff credit card or banking transactions, install keyloggers, send spam or any of a number of other malicious activities,” Argast explained.

“Not to mention the social faux pas of being the source of the infection to your friends — it’s the equivalent of being the source of mono that takes down everyone in your circle of friends. This particular piece of malware spreads via links which entice users to install a codec to view a video — this is always a bad idea. Fake codecs are a major threat vector today,” he continued.

The best way to avoid this worm is to not install it. Pay attention to the links you click on and make sure the site you’re at is the one you think it is. Beware fake YouTube pages at all costs.
