Identity Theft Worm "Koobface" Strikes Social Networking Site Facebook

| No Comments | No TrackBacks
Koobface, a malicious virus that attacks users with spyware and then hacks their system for passwords and credit card numbers, has now been found on Facebook.

Many people enjoy networking and keeping track of friends and family through sites such as Facebook and MySpace which makes Koobface a challenge to those that frequent social networking sites.

How does Koobface work?

According to reports, the virus spreads via messages sent between friends on the site.

When one user is infected, his or her account will send messages to friends like, "you just look awesome in this new movie!" or "they said some bad things about you. Click here to see them." Of course, most Facebook users can't help but want to find out exactly what these messages mean. Even those distant, grade nine friend-of-friends will make many users of the site click on to find out more about all the juicy gossip. (Source:

If users do click on the link, they'll be led to a site asking them to update to a newer version of Adobe's Flash player. Downloading that bogus software will instead infect the victim's computer with a nasty worm that searches out personal information that can help hackers steal identities. Of course, social security and credit card numbers, along with banking passwords, are gold mines.

Spokesman for Facebook Barry Schnitt denies rumors that the site may have already been hit hard by Koobface;

"Only a very small percentage of Facebook users have been affected, and we're working quickly to update our security systems to minimize any further impact," he assured millions of worried users.

Craig Schmugar of McAfee Avert Labs said Koobface messages are likely to come from infected friends. The best advice is to be wary of Facebook messages, which could actually be from the Koobface worm. Facebook has posted a message on its security page advising users to install the latest antivirus software. Users who have been affected, the company added, should change their password. McAfee also warns against following unexpected hyperlinks, and adds that it's best to install software and updates from the source, whether Adobe or some other provider, instead of trusting content from a third-party site.

Facebook has not disclosed how many of its more than 120 million members have been infected with the virus.

"You must run an up-to-date antivirus, security patches, and firewalls," Graham Cluley, a senior technology consultant at Sophos advised. "That will not only help you defend your computer if you click on a dangerous link, but it will also help reduce the chance of a hacker stealing your Facebook identity and using it to spread messages to your network of friends."

Is this a serious threat? It's serious in the sense that Facebook users are receiving spam messages on their wall or Facebook inbox pointing to malicious content, said Cluely.

"A key factor which helps social-networking spam and malware succeed is that people are more prepared to click on a link or message if they believe it is from someone they know," Cluley said. "The average person is used to receiving unsolicited e-mails in their regular inbox, but believe messages have more credence when they arrive via Facebook. The message is clear -- people need to beware.".


No TrackBacks

TrackBack URL:

Leave a comment

A memoir exposing the steep price consumers pay when facing mortgage servicing errors, inaccurate credit reporting, illegal debt collection practices, identity theft and weak consumer protection laws. THE BOOK » DENISE'S STORY »