Researchers at web security firm Websense have discovered a new Koobface campaign that is spreading on Facebook via direct messages sent from compromised accounts. Those behind the latest campaign have attempted to obfuscate the URL in each message to avoid detection by security software or Facebook security controls, researchers said Friday. Recipients of the message are told to follow a link to view a video in which they appear. After clicking the link, users are directed to a malicious site, where they are instructed to download a “missing Flash plug-in” to play the supposed video. The download is actually a variant of the Koobface worm. – AM