03-Dec-2009, 01:45 PM
I subscribe to a weekly newsletter from V3.co.uk and can guarantee that the following is NOT a hoax.
It may be boring to keep reading of these hacking attempts, but if it saves one persons details from being stolen - then it`s well worth it.
The hackers behind the infamous Koobface worm have launched a new campaign that seeks to trick users by employing a Christmas theme.
Koobface was first detected around a year ago, spreading primarily through social networking sites such as Facebook and MySpace, and stealing user credentials and other sensitive information such as credit card details.
advertisement
Users are generally more trusting of messages coming from their friends or contacts on these sites, so Koobface's strategy - compromising accounts then sending out messages containing malicious links to their "friends" - was highly successful.
Now, new alerts from security vendors Websense and Symantec are warning users that the new message "I caan't ffall asleepp affter viewwing thiss videeo. I haven'tt seenn aanything liike this" is Koobface.
The accompanying link will take users to a fake Facebook page or a fake YouTube video page where they will be encourage to install and run a setup.exe file presented as free antivirus to protect the user from Koobface, or a Flash upgrade to watch a video posted by SantA.
"This file is currently detected by 16 out of 41 antivirus products according to VirusTotal," noted a Websense security alert. "If the user runs the infected file, the worm will automatically login to their Facebook, MySpace, and several other social networking sites and send messages to all their friends."
It may be boring to keep reading of these hacking attempts, but if it saves one persons details from being stolen - then it`s well worth it.
The hackers behind the infamous Koobface worm have launched a new campaign that seeks to trick users by employing a Christmas theme.
Koobface was first detected around a year ago, spreading primarily through social networking sites such as Facebook and MySpace, and stealing user credentials and other sensitive information such as credit card details.
advertisement
Users are generally more trusting of messages coming from their friends or contacts on these sites, so Koobface's strategy - compromising accounts then sending out messages containing malicious links to their "friends" - was highly successful.
Now, new alerts from security vendors Websense and Symantec are warning users that the new message "I caan't ffall asleepp affter viewwing thiss videeo. I haven'tt seenn aanything liike this" is Koobface.
The accompanying link will take users to a fake Facebook page or a fake YouTube video page where they will be encourage to install and run a setup.exe file presented as free antivirus to protect the user from Koobface, or a Flash upgrade to watch a video posted by SantA.
"This file is currently detected by 16 out of 41 antivirus products according to VirusTotal," noted a Websense security alert. "If the user runs the infected file, the worm will automatically login to their Facebook, MySpace, and several other social networking sites and send messages to all their friends."
Jim