01 Dec 2009
The hackers behind the infamous Koobface worm have launched a new campaign that seeks to trick users by employing a Christmas theme.
Koobface was first detected around a year ago, spreading primarily through social networking sites such as Facebook and MySpace, and stealing user credentials and other sensitive information such as credit card details.
Users are generally more trusting of messages coming from their friends or contacts on these sites, so Koobface's strategy - compromising accounts then sending out messages containing malicious links to their "friends" - was highly successful.
Now, new alerts from security vendors Websense and Symantec are warning users that the new message "I caan't ffall asleepp affter viewwing thiss videeo. I haven'tt seenn aanything liike this" is Koobface.
The accompanying link will take users to a fake Facebook page or a fake YouTube video page where they will be encourage to install and run a setup.exe file presented as free antivirus to protect the user from Koobface, or a Flash upgrade to watch a video posted by SantA.
"This file is currently detected by 16 out of 41 antivirus products according to VirusTotal," noted a Websense security alert. "If the user runs the infected file, the worm will automatically login to their Facebook, MySpace, and several other social networking sites and send messages to all their friends."
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
EU data protection overhaul contains "bureaucratic tick box-proposals", says information commissioner Christopher Graham in exclusive interview with V3
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Web C# ASP.NET Developer (Equity or Mutual Funds) London...
Senior Exploratory Tester - Selenium, Java, AJAX, WEB...
SQL DBA/ Data Architect (T-SQL, SSIS, ETL) - Derivatives...
Test Analyst (Web, QTP, Test Director, VB.NET, SQL...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?