Jump to content

Facebook Worm Threat

XxTearGodxX

By XxTearGodxX
in Off-Topic

 Share

Recommended Posts

XxTearGodxX

XxTearGodxX

Posted
Posted

If you use Facebook, please be warned and watch this.

 

 

 

http://www.cnn.com/video/#/video/us/200 ... k.worm.cnn

 

 

 

Here is a bit more information.

 

 

 

http://www.computerworld.com/action/art ... src=kc_top

 

 

 

A worm that hit Facebook last December has resurfaced, a security researcher said today, and is now hijacking user accounts -- not only for that social networking service, but also for MySpace, Friendster, LiveJournal and others.

 

 

 

The Koobface worm is again making the rounds on Facebook, said Jamz Yaneza, a research project manager at Trend Micro Inc. "But this is an improved version with some interesting functions," he said.

 

 

 

Like the variant that hit Facebook late last year, the newest Koobface tries to dupe users into clicking on a link that's included in a message from a friend. Clicking on the link displays a fake error message claiming that Adobe System Inc.'s Flash is out of date, and prompts the user to download an update.

 

 

 

The update is nothing of the sort, but is instead an executable file that installs the Koobface worm.

 

 

 

"Koobface.az," as Trend Micro pegged the worm, rifles through a compromised PC, sniffs out browser cookies associated with 10 different social networking sites, uses the usernames and passwords within those cookies to log on to each service, searches for the infected user's friends and then sends those people messages that include a link to the worm.

 

 

 

It looks for cookies connected to bebo.com, Facebook, Friendster, fubar.com, hi5.com, LiveJournal, MySpace, myYearbook, Netlog and Tagged.

 

 

 

Much of the message processing takes place on a remote server, which the hackers control, said Yaneza. That server communicates with each infected PC, receiving data and sending instructions. "This is pretty serious stuff," he said.

 

 

 

Trend Micro has identified more than 300 IP addresses hosting the worm, and although some have been blocked, others are still online. Those addresses are located in Asia, Yaneza said.

 

 

 

"This is maybe only in its early stages," he added, referring to the small but growing number of infections. "I'd call it fairly active at the moment."

 

 

 

Koobface.az isn't the only piece of malware to have struck Facebook recently. Trend Micro, as well as other security vendors, has noted a pair of scams in the past week that targeted users of the popular service. The most recent sent messages to users claiming that friends had turned them in for violating Facebook's terms of service; when people clicked on the included link, they downloaded an application that spammed all friends with a similar message and may have harvested information from each Facebook account as it did so.

 

 

 

"I don't think this is a coincidence," said Yaneza, speaking of Koobface coming hard on the heels of other attacks against Facebook users. "[Cybercriminals] are looking at how these services are being used, and more importantly, their sizes," he said.

 

 

 

"Users need to be very, very careful about what they install when they're on these [social networking] services," Yaneza advised. "And they should be careful about how they use social networks and what information they put on them. The criminals are gleaning all the information they can and using it against you."

xxteargodxx.png
Link to comment
Share on other sites
Barihawk

Barihawk

Posted
Posted

I know at least two people who got suckered into this. The worst part is that most people are idiots enough to click the links and spread it. But they do word it pretty well. I have to admit I clicked on it at first (thank god the virus scanner was on call.)

 

 

 

A lot of sociological study went into making this thing work, and they did a good job of it.

Untitled.png

My heart is broken by the terrible loss I have sustained in my old friends and companions and my poor soldiers. Believe me, nothing except a battle lost can be half so melancholy as a battle won. -Sir Arthur Wellesley

Link to comment
Share on other sites
Howlin0001

Howlin0001

Posted
Posted

Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details?

howlin1eeveesig.png

Link to comment
Share on other sites
Snowi

Snowi

Posted
Posted
I know at least two people who got suckered into this. The worst part is that most people are idiots enough to click the links and spread it. But they do word it pretty well. I have to admit I clicked on it at first (thank god the virus scanner was on call.)

 

 

 

A lot of sociological study went into making this thing work, and they did a good job of it.

 

 

 

Unlucky for them... They should have had their scanners on. :/

tech.jpg

Techy is a noop, but we wub him! ^_^

Link to comment
Share on other sites
evil_mumm_ra

evil_mumm_ra

Posted
Posted
Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details?

 

 

 

probably get personal info, and infect more.

[hide=WOO TEXT! updated Jan 19, 2009 (last quote)]

And Evil you mad bastard. You are definately bringing TET back up to it's glory. No doubt about it. Keep it going champ.

24,485th to 99 defence on 7-23-08

I always forget you're 20 too. I always think you're 25 or something. o.o

Ya think that I'm insane, Its not sane... its not sane

obligitory devart link: http://evil-mumm-ra.deviantart.com/

Pogonophobia is the fear of beards.

She isn't naked so it's legal.
I'm a porn star.
[/hide]
Link to comment
Share on other sites
Wisp

Wisp

Posted
Posted

I got this, and I was 95% sure the 'video' was bs, so I went there anyway, it said I needed the plugin. One problem. I was already on youtube, happily watching videos in another window.

flobotst.jpg

Hegemony-Spain

Link to comment
Share on other sites
Barihawk

Barihawk

Posted
Posted
Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details?

 

 

 

I know it does use Facebook to massmessage your friends to spread itself. Not sure exactly what it does but I imagine it collects all the personal information on Facebook like address, phone number and all that, and then they sell it.

 

 

 

The first iteration of the worm told people that the user had found their picture on a random website and you want to click it to know where your picture is being posted.

Untitled.png

My heart is broken by the terrible loss I have sustained in my old friends and companions and my poor soldiers. Believe me, nothing except a battle lost can be half so melancholy as a battle won. -Sir Arthur Wellesley

Link to comment
Share on other sites
Snowi

Snowi

Posted
Posted
I got this, and I was 95% sure the 'video' was bs, so I went there anyway, it said I needed the plugin. One problem. I was already on youtube, happily watching videos in another window.

 

 

 

Haha! I love it when scammers/hackers fail like that... :P

tech.jpg

Techy is a noop, but we wub him! ^_^

Link to comment
Share on other sites
Howlin0001

Howlin0001

Posted
Posted
Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details?

 

The first iteration of the worm told people that the user had found their picture on a random website and you want to click it to know where your picture is being posted.

 

Yea that was going around on Bebo for a while as well.

howlin1eeveesig.png

Link to comment
Share on other sites
Racheya

Racheya

Posted
Posted
Em what are they doing to you when they have the worm downloaded? Like are they trying to infect more people or trying to get people to join a certain site or trying to get your personal details?

 

The first iteration of the worm told people that the user had found their picture on a random website and you want to click it to know where your picture is being posted.

 

Yea that was going around on Bebo for a while as well.

 

Bebo spam is the worst. I get mails from some 'hot chinese looking for love' #-o

umilambdaberncgsig.jpg

I edit for the [Tip.It Times]. I rarely write in [My Blog]. I am an [Ex-Moderator].

Link to comment
Share on other sites
warren211

warren211

Posted
Posted

Look, the word "gullible" is written on this video on the internet! Download it now!

 

 

 

Another reason why I'm glad to be one of those rebels who has never had a page on any social networking sites and hopefully never will. Even if you're not gullible enough to fall for these scams, it's easy to place trust in a gullible friend who sends you the link after falling for it himself.

[hide=]

tip it would pay me $500.00 to keep my clothes ON :( :lol:
But then again, you fail to realize that 101% of the people in this universe hate you. Yes, humankind's hatred against you goes beyond mathematical possibilities.
That tears it. I'm starting an animal rebellion using my mind powers. Those PETA bastards will never see it coming until the porcupines are half way up their asses.
[/hide]

montageo.png

Apparently a lot of people say it. I own.

 

http://linkagg.com/ Not my site, but a simple, budding site that links often unheard-of websites that are amazing for usefulness and fun.

Link to comment
Share on other sites
Laura

Laura

Posted
Posted
Look, the word "gullible" is written on this video on the internet! Download it now!

 

 

 

Another reason why I'm glad to be one of those rebels who has never had a page on any social networking sites and hopefully never will. Even if you're not gullible enough to fall for these scams, it's easy to place trust in a gullible friend who sends you the link after falling for it himself.

I agree, even if I wasn't gullible and needed Adobe, after say a new computer, I would probably use the link instead of typing a new link. Coming from a friend's account, you'd think it would be safe anyways.
hopesolopatriot.jpg
Link to comment
Share on other sites
ElkNight

ElkNight

Posted
Posted
I get mails from some 'hot chinese looking for love' #-o

 

Oshi, you found me.

10postchm2105.png

8,180

WONGTONG IS THE BEST AND IS MORE SUPERIOR THAN ME

#1 Wongtong stalker.

Im looking for some No Limit soldiers!

Link to comment
Share on other sites
Wisp

Wisp

Posted
Posted
Look, the word "gullible" is written on this video on the internet! Download it now!

 

 

 

Another reason why I'm glad to be one of those rebels who has never had a page on any social networking sites and hopefully never will. Even if you're not gullible enough to fall for these scams, it's easy to place trust in a gullible friend who sends you the link after falling for it himself.

 

I'm not worried at all lol, I have my info set as me living in Schnitzelville, Norway.

 

Because viruses obviously can't affect you if your in schnitzelville, norway.

 

Like four of my friends fell for this. I had to tell them that they were stupid.

flobotst.jpg

Hegemony-Spain

Link to comment
Share on other sites
blushenka

blushenka

Posted
Posted

Now I know why some people don't want to access facebook apps / notes, that other people send them.

"Metal isn't about violence or faggy whiny lyrics. It isn't even about who plays the heaviest and fastest. It is about invoking a sense of wonder and magnitude that no other genre can depict."

bluarosezk0.jpg

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept