XxTearGodxX Posted March 3, 2009 Share Posted March 3, 2009 If you use Facebook, please be warned and watch this. http://www.cnn.com/video/#/video/us/200 ... k.worm.cnn Here is a bit more information. http://www.computerworld.com/action/art ... src=kc_top A worm that hit Facebook last December has resurfaced, a security researcher said today, and is now hijacking user accounts -- not only for that social networking service, but also for MySpace, Friendster, LiveJournal and others. The Koobface worm is again making the rounds on Facebook, said Jamz Yaneza, a research project manager at Trend Micro Inc. "But this is an improved version with some interesting functions," he said. Like the variant that hit Facebook late last year, the newest Koobface tries to dupe users into clicking on a link that's included in a message from a friend. Clicking on the link displays a fake error message claiming that Adobe System Inc.'s Flash is out of date, and prompts the user to download an update. The update is nothing of the sort, but is instead an executable file that installs the Koobface worm. "Koobface.az," as Trend Micro pegged the worm, rifles through a compromised PC, sniffs out browser cookies associated with 10 different social networking sites, uses the usernames and passwords within those cookies to log on to each service, searches for the infected user's friends and then sends those people messages that include a link to the worm. It looks for cookies connected to bebo.com, Facebook, Friendster, fubar.com, hi5.com, LiveJournal, MySpace, myYearbook, Netlog and Tagged. Much of the message processing takes place on a remote server, which the hackers control, said Yaneza. That server communicates with each infected PC, receiving data and sending instructions. "This is pretty serious stuff," he said. Trend Micro has identified more than 300 IP addresses hosting the worm, and although some have been blocked, others are still online. Those addresses are located in Asia, Yaneza said. "This is maybe only in its early stages," he added, referring to the small but growing number of infections. "I'd call it fairly active at the moment." Koobface.az isn't the only piece of malware to have struck Facebook recently. Trend Micro, as well as other security vendors, has noted a pair of scams in the past week that targeted users of the popular service. The most recent sent messages to users claiming that friends had turned them in for violating Facebook's terms of service; when people clicked on the included link, they downloaded an application that spammed all friends with a similar message and may have harvested information from each Facebook account as it did so. "I don't think this is a coincidence," said Yaneza, speaking of Koobface coming hard on the heels of other attacks against Facebook users. "[Cybercriminals] are looking at how these services are being used, and more importantly, their sizes," he said. "Users need to be very, very careful about what they install when they're on these [social networking] services," Yaneza advised. "And they should be careful about how they use social networks and what information they put on them. The criminals are gleaning all the information they can and using it against you." Link to comment Share on other sites More sharing options...
Flodder450 Posted March 3, 2009 Share Posted March 3, 2009 i dont use it so i r teh safe :3 (untill lenin gets control over facebook) 99 Firemaking 30-5-2010 | 99 Fletching 13-7-2014 TET-AU member:6-10-2010 - 21-10-2011 Link to comment Share on other sites More sharing options...
deathdrow Posted March 3, 2009 Share Posted March 3, 2009 Well. Now I know. I'm usually not that stupid about things. but you never know. Link to comment Share on other sites More sharing options...
Snowi Posted March 3, 2009 Share Posted March 3, 2009 Thanks, I'll warn my family. ;) Techy is a noop, but we wub him! ^_^ Link to comment Share on other sites More sharing options...
Barihawk Posted March 3, 2009 Share Posted March 3, 2009 I know at least two people who got suckered into this. The worst part is that most people are idiots enough to click the links and spread it. But they do word it pretty well. I have to admit I clicked on it at first (thank god the virus scanner was on call.) A lot of sociological study went into making this thing work, and they did a good job of it. My heart is broken by the terrible loss I have sustained in my old friends and companions and my poor soldiers. Believe me, nothing except a battle lost can be half so melancholy as a battle won. -Sir Arthur Wellesley Link to comment Share on other sites More sharing options...
Howlin0001 Posted March 3, 2009 Share Posted March 3, 2009 Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details? Link to comment Share on other sites More sharing options...
Snowi Posted March 3, 2009 Share Posted March 3, 2009 I know at least two people who got suckered into this. The worst part is that most people are idiots enough to click the links and spread it. But they do word it pretty well. I have to admit I clicked on it at first (thank god the virus scanner was on call.) A lot of sociological study went into making this thing work, and they did a good job of it. Unlucky for them... They should have had their scanners on. :/ Techy is a noop, but we wub him! ^_^ Link to comment Share on other sites More sharing options...
evil_mumm_ra Posted March 3, 2009 Share Posted March 3, 2009 Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details? probably get personal info, and infect more. [hide=WOO TEXT! updated Jan 19, 2009 (last quote)] And Evil you mad bastard. You are definately bringing TET back up to it's glory. No doubt about it. Keep it going champ.24,485th to 99 defence on 7-23-08I always forget you're 20 too. I always think you're 25 or something. o.oYa think that I'm insane, Its not sane... its not saneobligitory devart link: http://evil-mumm-ra.deviantart.com/Pogonophobia is the fear of beards.She isn't naked so it's legal.I'm a porn star.[/hide] Link to comment Share on other sites More sharing options...
Wisp Posted March 3, 2009 Share Posted March 3, 2009 I got this, and I was 95% sure the 'video' was bs, so I went there anyway, it said I needed the plugin. One problem. I was already on youtube, happily watching videos in another window. Hegemony-Spain Link to comment Share on other sites More sharing options...
Barihawk Posted March 3, 2009 Share Posted March 3, 2009 Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details? I know it does use Facebook to massmessage your friends to spread itself. Not sure exactly what it does but I imagine it collects all the personal information on Facebook like address, phone number and all that, and then they sell it. The first iteration of the worm told people that the user had found their picture on a random website and you want to click it to know where your picture is being posted. My heart is broken by the terrible loss I have sustained in my old friends and companions and my poor soldiers. Believe me, nothing except a battle lost can be half so melancholy as a battle won. -Sir Arthur Wellesley Link to comment Share on other sites More sharing options...
Snowi Posted March 3, 2009 Share Posted March 3, 2009 I got this, and I was 95% sure the 'video' was bs, so I went there anyway, it said I needed the plugin. One problem. I was already on youtube, happily watching videos in another window. Haha! I love it when scammers/hackers fail like that... :P Techy is a noop, but we wub him! ^_^ Link to comment Share on other sites More sharing options...
Howlin0001 Posted March 3, 2009 Share Posted March 3, 2009 Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details? The first iteration of the worm told people that the user had found their picture on a random website and you want to click it to know where your picture is being posted. Yea that was going around on Bebo for a while as well. Link to comment Share on other sites More sharing options...
Racheya Posted March 3, 2009 Share Posted March 3, 2009 Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details? The first iteration of the worm told people that the user had found their picture on a random website and you want to click it to know where your picture is being posted. Yea that was going around on Bebo for a while as well. Bebo spam is the worst. I get mails from some 'hot chinese looking for love' #-o I edit for the [Tip.It Times]. I rarely write in [My Blog]. I am an [Ex-Moderator]. Link to comment Share on other sites More sharing options...
dsavi Posted March 3, 2009 Share Posted March 3, 2009 If you keep on top of the latest flash player updates anyway, it's hard to happen. Unfortunately, not everyone does that like me or even has a reason to. Link to comment Share on other sites More sharing options...
Nero Posted March 3, 2009 Share Posted March 3, 2009 Koobface, lol. Vienna Raszyn Warsaw Klushino Link to comment Share on other sites More sharing options...
Star. Posted March 3, 2009 Share Posted March 3, 2009 I only have 3 friends on there. Am I still a target? ☢ CAUTION ☢ CAUTION ☢ CAUTION ☢ CAUTION ☢ Link to comment Share on other sites More sharing options...
warren211 Posted March 4, 2009 Share Posted March 4, 2009 Look, the word "gullible" is written on this video on the internet! Download it now! Another reason why I'm glad to be one of those rebels who has never had a page on any social networking sites and hopefully never will. Even if you're not gullible enough to fall for these scams, it's easy to place trust in a gullible friend who sends you the link after falling for it himself. [hide=]tip it would pay me $500.00 to keep my clothes ON :( :lol:But then again, you fail to realize that 101% of the people in this universe hate you. Yes, humankind's hatred against you goes beyond mathematical possibilities.That tears it. I'm starting an animal rebellion using my mind powers. Those PETA bastards will never see it coming until the porcupines are half way up their asses.[/hide]Apparently a lot of people say it. I own. http://linkagg.com/ Not my site, but a simple, budding site that links often unheard-of websites that are amazing for usefulness and fun. Link to comment Share on other sites More sharing options...
Laura Posted March 4, 2009 Share Posted March 4, 2009 Look, the word "gullible" is written on this video on the internet! Download it now! Another reason why I'm glad to be one of those rebels who has never had a page on any social networking sites and hopefully never will. Even if you're not gullible enough to fall for these scams, it's easy to place trust in a gullible friend who sends you the link after falling for it himself.I agree, even if I wasn't gullible and needed Adobe, after say a new computer, I would probably use the link instead of typing a new link. Coming from a friend's account, you'd think it would be safe anyways. Link to comment Share on other sites More sharing options...
Yomyth105 Posted March 4, 2009 Share Posted March 4, 2009 thanks for the info. ill be a bit more careful now. Link to comment Share on other sites More sharing options...
champion Posted March 4, 2009 Share Posted March 4, 2009 I'm one of the 7 people who don't have a social networking profile, so I'm good. Link to comment Share on other sites More sharing options...
Ned Posted March 4, 2009 Share Posted March 4, 2009 367 more people are now informed :P I just sent a note to all my friends :) Want to help the Tip.It Crew? Visit the Website Updates & Corrections forum! Link to comment Share on other sites More sharing options...
ElkNight Posted March 4, 2009 Share Posted March 4, 2009 I get mails from some 'hot chinese looking for love' #-o Oshi, you found me. 8,180WONGTONG IS THE BEST AND IS MORE SUPERIOR THAN ME#1 Wongtong stalker.Im looking for some No Limit soldiers! Link to comment Share on other sites More sharing options...
Dax Posted March 4, 2009 Share Posted March 4, 2009 Good thing I hate those sort of sites. :thumbsup: \ #KERR2016/17/18/19/20/21. #rpgformod Link to comment Share on other sites More sharing options...
Wisp Posted March 4, 2009 Share Posted March 4, 2009 Look, the word "gullible" is written on this video on the internet! Download it now! Another reason why I'm glad to be one of those rebels who has never had a page on any social networking sites and hopefully never will. Even if you're not gullible enough to fall for these scams, it's easy to place trust in a gullible friend who sends you the link after falling for it himself. I'm not worried at all lol, I have my info set as me living in Schnitzelville, Norway. Because viruses obviously can't affect you if your in schnitzelville, norway. Like four of my friends fell for this. I had to tell them that they were stupid. Hegemony-Spain Link to comment Share on other sites More sharing options...
blushenka Posted March 4, 2009 Share Posted March 4, 2009 Now I know why some people don't want to access facebook apps / notes, that other people send them. "Metal isn't about violence or faggy whiny lyrics. It isn't even about who plays the heaviest and fastest. It is about invoking a sense of wonder and magnitude that no other genre can depict." Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now