Reportedly, the writers of the Koobface worm, which propagates on social networking websites, have just released a new variant that is able to trick the security filters enforced by Facebook. To achieve this, the new strain turns the website’s own features against it. The worm was first detected back in July, with the two original variants attacking MySpace and Facebook, respectively. It employs social engineering tactics and profits from the core design concepts of social networking websites. Instead of registering fake accounts on the websites in order to propagate, the worm uses the legitimate accounts accessed from the infected computers.
This worm propagates by sending spam messages with links to fake video files and encouraging users to visit them. The links take them to a page that imitates an embedded video file. Attempting to view the file results in an error that instructs the users to install a video codec, which is actually the malicious executable that drops the worm onto the system.
In an attempt to mitigate these attacks, Facebook and MySpace have enforced special security policies and filters. Even though these actions did not kill the worm entirely, they significantly reduced its propagation rate. In response, the worm’s writers released new variants that featured new techniques for bypassing the security measures.
While keeping your security software updated should help prevent such attacks, being careful about what links you decide to visit, even if they are sent by a friend on a social networking website, is highly recommended.
Happy Holidays! And this isn’t a worm….
I think something like this also exists in Friendster?
Anyway, Happy New Year!
Hello there my friend! I found your blog very interesting so I have added your link in my Blogroll. I hope you’ll link me back. Have a nice day! http://hapiblogging.blogspot.com/