Warning : New Koobface Campaign Spotted on Facebook

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Security researchers from Web and email security provider Websense have spotted a new private message spam campaign on Facebook distributing the notorious Koobface worm.

The messages have a subject of "Check out the movies wsith yor ass in it" and advertise a link that leads to a bit.ly shortened URL through Facebook's open redirector.

Facebook's redirect script, through which all external links are normally passed, has been increasingly abused lately to bypass spam filters.

The spammed link takes users through a series of redirects that check if they come from facebook.com. If they are, they land on the attack page, if not, on Google News Canada.

In traditional Koobface style, the landing page displays a fake video player with a message reading "This content requires Adobe Flash Player 10.37. Would you like to install it now?"

This "required Flash update" social engineering trick is one the Koobface authors pretty much pioneered and used on a large scale. It has since been picked up by many other cybercriminals.

Pressing the Install button to get the alleged update, serves a Koobface variant currently detected by only 16 out of 43 antivirus engines on Virus Total.

Koobface is the father of all social networking worms and dates back to 2007, which makes it one of the longest running computer worms in history.


Read more
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top