Sunday, December 7, 2008

Koobface virus affecting computer through Facebook's user profiles

Destructive Koobface virus turns up on Facebook

120 million users are being targeted by a virus dubbed "Koobface" that uses the social network's messaging system to infect PCs, then tries to gather sensitive information such as credit card numbers.

It is the latest attack by hackers increasingly looking to prey on users of social networking sites.

Koobface spreads by sending notes to friends of someone whose PC has been infected.

The messages, with subject headers like, "You look just awesome in this new movie," direct recipients to a website where they are asked to download what it claims is an update of Adobe's Flash player.

If they download the software, users end up with an infected computer, which then takes users to contaminated sites when they try to use search engines from Google, Yahoo, MSN and, according McAfee.

McAfee warned in a blog entry that its researchers had discovered that Koobface was making the rounds on Facebook.

Facebook requires senders of messages within the network to be members and hides user data from people who do not have accounts, said Chris Boyd, a researcher with FaceTime Security Labs.

Because of that, users tend to be far less suspicious of messages they receive in the network.

"People tend to let their guard down. They think you've got to log in with an account, so there is no way that worms and other viruses could infect them," Mr Boyd said.

Privately held Facebook has told members to delete contaminated e-mails and has posted directions at on how to clean infected computers.

McAfee has not yet identified the perpetrators behind Koobface, who are improving the malicious software behind the virus in a bid to outsmart security at Facebook and MySpace.

"The people behind it are updating it, refining it, adding new functionalities," said Mr Schmugar said.

My advise to all of my readers, please be careful out there and make sure you don't click on any videos on Facebook. If you do then don't install any activex or update anything get prompt.


Anonymous said...

hey nice article. But who are the people most vulnerable to this virus.I mean none of my friends ever received such messages in facebook inbox. Can you post a link to a public profile infected by this virus so that i can view.I just want to analyze.


Anonymous said...

My sister just got this virus - she uses facebook and that is probably how she got is out there. I had a link the other day that was sent to me by a friend that was also a virus. Luckily another friend caught it before I opened it.

Shoaib Yousuf said...


Please refer to my latest post for more information on this particular virus.