Facebook and MySpace attacked by new worms

Share this article:

New worms attacking social networking sites Facebook and MySpace have been uncovered.

The worms, Net-Worm.Win32.Koobface.a. and Net-Worm.Win32.Koobface.b, target MySpace and Facebook respectively, say security firm Kaspersky Lab, which found the threats.

The worms are designed to upload malicious modules with other functionality via the web. It's likely that they will turn target machines into zombie computers to form botnets.

Net-Worm.Win32.Koobface.a spreads when a user accesses their MySpace account and creates a range of comments that are sent to friends' accounts. On Facebook, Net-Worm.Win32.Koobface.b creates spam messages and sends them to the infected users' friends on the website.

Headlines such as “Paris Hilton Tosses Dwarf On The Street” and “Examiners Caught Downloading Grades From The Internet” are typically used to encourage users to click on a bogus video link that tells them to download a so-called new version Flash Player. This acts as a disguise for codesetup.exe, which installs malware.

“Unfortunately, users are very trusting of messages left by “friends” on social networking sites," said Alexander Gostev, senior virus analyst at Kaspersky Lab. "So the likelihood of a user clicking on a link like this is very high.

“At the beginning of 2008 we predicted that we'd see an increase in cybercriminals exploiting MySpace, Facebook and similar sites, and we're now seeing evidence of this," he added. "I'm sure that this is simply the first step, and that virus writers will continue to target these resources with increased intensity."

It is highly probable that victim machines will not only be used for spreading links via these social networking sites, but the botnets will also be used for other malicious purposes, according to Kaspersky Lab.

 

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Kevin Mitnick to sell zero-day exploits

Kevin Mitnick's new venture will develop and procure zero-day exploits, then sell them for $100,000 or more.

FBI warns of potential cyber attacks launched by ISIS hacktivists

Following U.S. military airstrikes in the Middle East, the FBI has issued a warning regarding possible cyber threats aimed at U.S. networks and critical infrastructure by hacktivists in support of ISIS.

Report: 75 million records compromised so far in 2014

Report: 75 million records compromised so far in ...

An updated report indicates that since this time last year, breaches have increased by 29.4 percent, with 568 breaches occurring this year.