Menu
Facebook worm refuses to die

Facebook worm refuses to die

A worm program that has been tricking Facebook users into downloading malicious software since July has returned.

A worm program that has been tricking Facebook users into downloading malicious software since July has resurfaced.

Criminals have released a new variation of the worm, known as Koobface, Facebook said Friday. The program is spreading via Facebook messages that look as if they're videos. Often they say something like "you look funny." When the user clicks to see the video, he is taken to a new Web site and asked to download special software in order to see the video. That software is malicious.

"Only a very small percentage of Facebook users have been affected and we're working quickly to update our security systems to minimize any further impact, including resetting passwords on infected accounts, removing the spam messages, and coordinating with third parties to remove redirects to malicious content elsewhere on the web," Facebook said. "Users with up-to-date anti-virus software are generally well protected from this and similar viruses."

Facebook would not say exactly how many of its users have been hit with the worm.

The new variant, first reported by McAfee on Wednesday, uses new techniques to get around filtering software that Facebook is using to block it, said Guillaume Lovet, threat response team manager with Fortinet.

In fact, Koobface is now using one of Facebook's own features against it, Lovet said. The latest variant uses Facebook's ability to redirect Web links to drive users to malicious Web sites, often hosted on Geocities.com, Lovet said.

Facebook can redirect visitors to outside Web sites. For example, the URL http://www.facebook.com/l.php?u=http://www.idg.com would take a visitor to IDG's Web site.

Facebook warns users who are being redirected in this fashion that they are leaving Facebook's Web site, but the feature makes it easier for the worm to avoid filtering software, Lovet said.

Once installed, the worm installs a Trojan horse downloading program and keylogging software, he said.

"Users should always have up-to-date anti-virus and not click on links in messages that seem strange," Facebook advises.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Facebookkoobface

Events

SustainTech

Join key decision-makers within Environmental, Social, and Governance (ESG) that have the power to affect real change and drive sustainable practices. SustainTech will bridge the gap between ambition and tangible action, promoting strategies that attendees can use in their day-to-day operations within their business.

EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.

WIICTA 2023

ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Show Comments