Facebook Virus “Koobface” Spreads Holiday Cheer
Myspacers have been dealing with identity theft scams for years, but now there’s mounting evidence that hackers are targeting Myspace’s more mature brother, Facebook. According to a Reuters wire story, a virus known as “Koobface” has been making the rounds using the Facebook messaging system.
How Does it Work?
Users are typically told that they “look awesome in this new movie” that the sender has uploaded, and are redirected to a site that in turn asks them to install a bogus Adobe Flash player update. If the user decides to take the bait, the Koobface virus is instantly installed on their computer, at which time it goes about its business gathering credit card numbers and other sensitive information.
How Do I Get Rid of It?
According to Guy Bunker of Symantec, Koobface is fairly easy to get rid of. Users can either install some anti-virus software (which will automatically find and destroy it,) or locate two files in their Windows directory. The files are named “tmark2.dat” and “mstre6.exe”, and should be deleted immediately if found.
Find more details on detection, files affected, removal, etc. on the McAfee web site.
Even if Koobface itself isn’t all that scary, the Reuters piece cites a security researcher with McAfee as saying that such viruses are on the rise on social networking sites. Presumably surfers are more trusting with these sites because they typically use them to connect with friends, and aren’t expecting to be targeted the way they would in a random email from an unknown spammer.
How Do I Protect Myself in the Future?
Social networking sites like Facebook turn us into fools when it comes to installing software.
- Want to throw a virtual snowball at someone? Install this application.
- Want to find out what kind of sandwich you are? Install this application.
- Want to know how you’re going to die? Install this application.
That’s why these sites are the newest playground for virus creators – people are connected, they click on stuff, they install stuff, rinse and repeat.
One good rule of thumb is to avoid redirect links in Facebook or Myspace messages unless you can absolutely verify that the URL is legit. Never download a file from a page you’ve been redirected to. Report the incident to the support staff at social networking site, and await further instruction.
You may know who your friends are in real life, but it’s important to remember that an internet persona can always be hijacked—even if you do look really awesome in that movie.
Here’s how the Koobface virus, and other related viruses appear within Facebook:
What Appears in Facebook
Notification in Your Email
Updated to add:
Variants of this virus appear to be pointing to data collection or revenue generating web sites. Here are a few titles I’ve had reported recently:
“hey is this u on thebestphotosonline.com”