RSS Alerts

Share

More services

Related Links

Related Stories

  • Automated Twitter postings pose a severe security risk
    Twitter has again hit the IT security headlines, this time over the increasing widespread practice of automated retweets - automated repostings - by users of the social networking site/service.
  • Conficker and Facebook / Twitter attacks dominate Q1 email threats
    The Conficker worm and attackers’ social engineering techniques exploiting users on Facebook, Myspace and Twitter, dominated the email threats in the first quarter (Q1) of 2009, according to identity-based unified threat management (UTM) solutions provider Cyberoam and its Israeli messaging and web security partner Commtouch.
  • Koobface command-and-control servers double in 48 hours
    Kaspersky Lab has reported a massive surge in activity surrounding Koobface, a highly prolific worm that infects social networking sites.
  • Securing Your Home Office
    Here’s an interesting question for all you information security professionals out there: how secure is your home IT? No, seriously. There’s no doubting that you have a handle on keeping data secure across the enterprise alright, but how clued up are you away from the office where things are actually rather different in terms of both risk and response? Davey Winder investigates
  • Securing your home office
    Here’s an interesting question for all you information security professionals out there: how secure is your home IT? No, seriously. There’s no doubting that you have a handle on keeping data secure across the enterprise alright, but how clued up are you away from the office where things are actually rather different in terms of both risk and response? Davey Winder investigates

Top 5 Stories

News

575 variants of Koobface detected during June says Kaspersky Lab

13 July 2009

Researchers with Russian IT security vendor Kaspersky Lab say they detected 575 new variants of the Koobface worm during June.

Koobface, a social networking site-focused worm, has rocketed in infection terms and in-the-wild reports in the last few months, says Kaspersky, soaring from 324 variants at the end of May to approaching 1 000 a month later.

The worm first appeared last summer, but really came to prominence in the early part of this year when the US-CERT operation warned about the malware on March 4, after which versions were found that targeted virtually all the mainstream web 2.0-driven social networking sites and services.

According to Kaspersky Lab, Koobface spreads through a legitimate user's account to their friend’s profiles.

Comments and messages sent by the worm contain a link to a fake YouTube style website which invites users to download a "new version of Flash Player."

The worm, rather than a media player, is then downloaded to victim machines, and once a user is infected, s/he will start spreading such messages to his or her friends.

In the meantime, says the IT security firm, the functionality of the worm has been extended. Koobface is now targeting more social networking websites like Facebook, MySpace, Hi5, Bebo, Tagged, Netlog and, most recently, Twitter.

Stefan Tanase, a malware researcher with Kaspersky Lab, says that, as social networks such as Facebook or Twitter are becoming increasingly popular, attacks targeting them are also gaining momentum.

"This sign of increased cybercriminal activity involving social networks in the past month proves that the strategies being used by the bad guys to infect users are much more efficient when adding the social context to their attacks."

"June 2009 marks an important milestone in the evolution of social networking malware: the activity we've seen this month exceeds by far any other month in the past."

Against this backdrop, Kaspersky Lab gives the following tips to users of the internet and social networking sites:

Be cautious when opening links coming through suspicious messages, even if the sender is one of your trusted Facebook friends.

Use either Internet Explorer 7 running in protected mode or Firefox with the NoScript add-on installed.

Divulge as little personal information as possible. Do not give out your home address, phone number or other private details.

Keep your antivirus software updated to prevent new versions of malware from attacking your computer.

 

 

This article is featured in:
Identity and Access Management  • Internet and Network Security • Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012