Koobface malware makes a comeback
The security threat that never quite goes away is back to torment Facebook users, this time trying to get them to click on a link that promises videos of erotic encounters.
It's baa-aaack. Koobface, that is.
The persistent malware that plagues Facebook users has reared its ugly head yet again.
A new round of e-mails aimed at launching the worm onto the PCs of unsuspecting users has been discovered by researchers for the security vendor ESET, according to the company's Wednesday blog.
Uncovered by ESET researchers in Latin America, this latest Koobface campaign is sending Facebook users messages with a link that claims to direct them to videos of sexual encounters. The link included in the e-mails tells the user to download a video codec to view the X-rated content. But instead of delivering the goods, the link calls up a download that launches the Koobface malware, thus infecting its intended victim.
And like most malware, by infecting one computer, the worm then triggers the malicious message to all of the contacts of that PC's owner.
The creators of Koobface have even added a twist to thwart security experts trying to combat the worm. The dangerous download occurs only the first time someone clicks on the link. Subsequent efforts bring up a "Page not found" error. This type of attack makes it more difficult for researchers to analyze different versions of the malicious code, according to ESET.
Since its first appearance in 2008, Koobface has continued to pop up from time to time with new variants, typically aimed at infecting Facebook users. The worm uses a similar strategy by sending messages to your Facebook contacts trying to get them to click on a link to a video or other file. But instead, it launches the executable that infects their computers.
To protect yourself from Koobface, ESET offers the usual advice. Don't trust this new message or any like it sent to you via social networks like Facebook. And of course, make sure your antivirus software is always up-to-date.