Kaspersky Lab, a leading developer of Internet threat protection solutions that defend against computer viruses, spyware and all forms of malicious software, saw an explosion of Koobface modifications throughout the month of June, due to summer and vacations across the northern hemisphere. In just one month, the number of variants detected jumped from 324 at the end of May 2009 to almost 1000 by the end of June 2009.
Koobface, the infamous worm, was first detected by Kaspersky Lab as Net-Worm.Win32.Koobface, and it instantly became popular when it appeared almost one year ago targeting Facebook and MySpace accounts. The Koobface worm is spreading through a legitimate user’s account to their friends’ profiles. Comments and messages sent by the worm contain a link to a fake YouTube style website which invites users to download a “new version of Flash Player”. The worm, rather than a media player, is then downloaded to victim machines. Once a user is infected, he or she will start spreading such messages to his or her friends. In the meantime, the functionality of the worm has been extended. Koobface is now targeting more social networking websites like Facebook, MySpace, Hi5, Bebo, Tagged, Netlog and, most recently, Twitter.
As social networks such as Facebook or Twitter are becoming increasingly popular (Facebook Alexa Ranking), attacks targeting them are also gaining momentum.
“This sign of increased cybercriminal activity involving social networks in the past month proves that the strategies being used by the bad guys to infect users are much more efficient when adding the social context to their attacks, - says Stefan Tanase, Malware Researcher of Kaspersky Lab. - June 2009 marks an important milestone in the evolution of social networking malware: the activity we’ve seen this month exceeds by far any other month in the past.”
Kaspersky Lab would like to give a few tips for Users:
- Be cautious when opening links coming through suspicious messages, even if the sender is one of your trusted Facebook friends.
- Use either Internet Explorer 7 running in protected mode or Firefox with NoScript installed.
- Divulge as little personal information as possible. Do not give out your home address, phone number or other private details.
- Keep your antivirus software updated to prevent new versions of malware from attacking your computer.
Kaspersky Lab users running any of the Company’s current anti-malware products are fully protected from all known variants of Net-Worm.Win32.Koobface. Kaspersky Lab’s global team of analysts are keeping a close eye on all threats coming from the social networking space, monitoring the malicious activity and constantly updating the protection customers receive.