Koobface worm grows more sophisticated in web 2.0 attacks
Tuesday, August 11, 2009
Web security researchers are warning that the notorious Koobface worm that spreads on social networks like Facebook and Twitter has grown more sophisticated in order to evade detection and trick more savvy users into downloading malware.
The malware writers have relied on the proliferation of link sharing on social networks to spread the Koobface virus. Koobface sends out spam messages from hijacked user accounts containing malicious links to websites where users are prompted to download Trojan malware and phony antivirus software.
Kaspersky labs reported that the spam messages are now becoming more realistic, with different Koobface spam messages featuring random additions like "HA-HA-HA!" or "LOL," while the malicious URLs are better disguised through a different bit.ly shortened URL each time.
Although it was originally designed to propagate through Facebook and MySpace, Koobface now spreads througho eight other social networking sites, including Twitter, thanks to a program that steals a user's cookies from the social websites he or she has visited, Trend Micro reported.
Koobface can also install other types of malware on an infected PC, which makes it valuable to other cybercriminals who appear to be renting out the Koobface botnet of infected machines to install malware for data theft, search hijacking and selling rogue antivirus software.
Koobface also has a way of tricking users into breaking CAPTCHA images for it in order to spam a user's contact list.
Related News:
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
Report: 'At least 34' firms attacked at the same time as Google - 1.15.2010
The Washington Post asserts that many U.S. companies were targeted in the same network security and email breach that affected Google and provoked the company's highly publicized spat with the Chinese government.
|
