Facebook Hit by Virus

 

Facebook's 120 million users are being targeted by a virus.

The Koobface worm (Net-Worm.Win32.Koobface) so far has four variants.

It's quite sneaky and has been developed by a 'known' group.

 

• 'Koobface' spreads by sending a message to people's inboxes, pretending to be from a Facebook friend. The message says something like "I've seen you naked in this video".
  
• So you click the link ... you're then asked to watch a "secret video by Tom".
  When you try and play the video you're asked to download the latest version of Adobe Flash Player.
• If you do, that's when the virus takes hold and attacks your computer.
  It will send messages to all your Facebook friends as you watch unable to stop it.
  It will also load malware which could steal your personal details.

Known Group
The virus writers behind Koobface by targeting Facebook and MySpace users are clearly trying to maximize the number of victims - the more there are, the bigger the botnet is going to be.

The people behind Koobface are also linked to the 'fake antivirus' programs XP Antivirus and Antivirus2009 which are actually spyware. Installers for these spyware programs habe been detected which also contain the worm code and Trojan-Downloader.Win32.Fraudload, which was being used to download XP Antivirus etc. is now being used to download the worm files.

So in addition to being infected by the worm and herded into a botnet, victim´s machines are also going to get hit by one of these nasty pieces of spyware.

Your keystrokes and browsing history can be tracked. Your computer could be hijacked and taken to phishing sites or your usernames and passwords collected as you type them into online accounts.

How Virus writers make money

• selling botnets for use as DoS or spam platforms;
• selling harvested addresses to spammers and/or phishers; and,
• harvesting confidential data from infected machines – e.g., logins and passwords to online payment and banking systems.

Suggestions

1. Always go to official sites for downloads or updates. www.adobe.com have Flash Player downloads.
2. Social Networking sites make people feel secure because of the login. Be on your guard for links sent by friends who don´t usually send links.
3. Always be wary of links that end up with you downloading something. Especially .exe (executable) files.

Background
A botnet is a network of 'zombie' computers. If infected yours could be used to send email spam without your knowledge or a botnet can attack a particular website in a DoS (Denial of service) attack. This is done by thousands of computers (zombies) all trying to access the site repeatedly. Again you wouldn't know, just a slowing of your computer may be the only symptom.