Having just finished battling some nasty viruses on my home computer, I looked at the news today and realized something: There is no rest for the weary.
The “Koobface” worm or infamous “Facebook Worm” that was first discovered last July has made a comeback, attacking users on social networking websites such as Facebook and MySpace. Needless to say, the worm has been improved.
This new and improved version of Koobface is seen as an invitation from a friend of the account owner. It invites you to click on a link and view a video on a counterfeit YouTube site. Everything may look alright to the average user. The video even has fake comments and video responses. However, when you try to watch the video, a pop-up states that you need to install Adobe Flash plug-in to view it. When users attempt to download the fake plug-in, they really download a Trojan horse program that gives the Koobface creator(s) control over the computer. The worm then takes over your social networking account, sending the same message to your own friends.
According to The Washington Post, other networks currently seeing evidence of the Koobface worm are hi5.com, friendster.com, myyearbook.com, bebo.com and livejournal.com. Engineers at Trendmicro.com have seen the worm at tagged.com, netlog.com and fubar.com.
The new worm is clever and knows how to pull in the tiny details necessary to fool someone into thinking it is the real deal. The YouTube video, besides having comments and responses, even lists the author as the friend who sent you the message. The worm even pulls the friend’s picture from the social networking site.
The original Koobface worm had two variants and was first discovered last July by secure content developer, Kaspersky Lab. These worms, Win32.Koobface.a. and Win32.Koobface.b, attacked MySpace and Facebook respectively and operated in the same way as this newer strain.
How do you keep the worms out of your computer? Don’t invite them in in the first place. Basic Internet awareness and keeping your computer’s antivirus updated and running every day is enough to keep you safe.
Facebook’s Security page offers several helpful hints in response to the Koobface infections and for everyday use:
Never Click Suspicious Links: They could be unknowingly sent from your friends if they are infected with viruses or malware. Never run any “.exe” files without first investigating what they are. Do your research. Keep your browser updated.
Have a Unique, Strong Password: Use different passwords for all your accounts and ensure that they will be hard to guess by using a variety of numbers, letters and punctuation marks.
Run Anti-Virus Software: Make sure you have some sort of software and run a scan every day. This will keep you on your game and your computer safe.
Brian Krebs, “Koobface” Worm Resurfaces on Facebook, MySpace, The Washington Post
Rik Ferguson, New Variant of Koobface Worm Spreading, Trendmicro.com
Kaspersky Lab Detects New Worms Attacking MySpace and Facebook, Kaspersky.com
Facebook Security Page