Koobface Virus Worm
On
December 5th the koobface worm was detected on facebook.
Koobface
infection was on myspace and has had multiple varents. It's important
to note that spammed links leading to koobface are likely to come from
infected friend, reminiscent of early mass-mailing worms.
The first koobface worm in this case, Net-Worm.Win32.Koobface.a, spreads when a user accessess his or her Myspace account. The worm creates commentaries to the user's friends accounts.
Now, Net-Worm.Win32.Koobface.b is targeting Facebook users, creating spam messages and sending them to the infected user's friends via the Facebook site.
Some of the messages and comments include texts such as
"you look so amazing funny on our new video"
"Paris Hilton tosses Dwarf on the street"
"Examiners caught download grades from the internet"
"Hello; You must see it!!! LOL"
"My friend catched [sic] you on hidden cam"
"Is it really celebrity?" along with several others
If the user tries to watch the clip, a message appears saying that he or she needs the latest version of Flash Player in order to watch the clip. However, instead of the latest version of Flash Player, a file called codecsetup.exe is downloaded to the victim's machine, this file is also a network worm. Which means other computers on the network will be infected
Some signs your computer maybe infected with koobface:
The first koobface worm in this case, Net-Worm.Win32.Koobface.a, spreads when a user accessess his or her Myspace account. The worm creates commentaries to the user's friends accounts.
Now, Net-Worm.Win32.Koobface.b is targeting Facebook users, creating spam messages and sending them to the infected user's friends via the Facebook site.
Some of the messages and comments include texts such as
"you look so amazing funny on our new video"
"Paris Hilton tosses Dwarf on the street"
"Examiners caught download grades from the internet"
"Hello; You must see it!!! LOL"
"My friend catched [sic] you on hidden cam"
"Is it really celebrity?" along with several others
If the user tries to watch the clip, a message appears saying that he or she needs the latest version of Flash Player in order to watch the clip. However, instead of the latest version of Flash Player, a file called codecsetup.exe is downloaded to the victim's machine, this file is also a network worm. Which means other computers on the network will be infected
Some signs your computer maybe infected with koobface:
You play a
lot of facebook games
You download plug in and other features while on facebook
Unable to install windows or antivirus updates
Your contacts inform you of strange emails and messages they received from you.
Random error messages, internet drops off, computer runs slow.
You download plug in and other features while on facebook
Unable to install windows or antivirus updates
Your contacts inform you of strange emails and messages they received from you.
Random error messages, internet drops off, computer runs slow.