Facebook is struck by Koobface virus
By Joe Vanderham, May 25, 2010
The virus is spread through the social networks messaging system, usually with a subject line such as, "I saw you on TV". The recipient of the message is then provided with a link to a site to view the video. Once they are there, they will be prompted to update their Flash player before they can view the video, whether it's up to date or not. If the user chooses to get the update, they will be prompted to open a file called "flash_player.exe". A perfectly legitimate sounding update, right? Don't be fooled by this as some browsers, such as Internet Explorer, will tell you where you are downloading a file from.
Once the user has been infected with the virus, it prompts a downloaded program to load a service named "Security Accounts Manager" (SamSs) to load on system startup. Koobface then proxies all HTTP traffic and steals search results from popular search engines and hijacks them to other, lesser known sites. It may also be possible for this version of the virus to install other malicious apps.
It is easy to get caught up in all the excitement when someone sends you a video you have to see. But it is just as easy to take some precaution when opening attachments. Watch for odd names in the subject line of the message or maybe you got the same message from a couple friends.
There are instructions on Facebook how to remove the Koobface virus. Make sure to update and run your anti-virus and anti-malware software. Also be sure to change your Facebook password.
Comments
There are no comments yet
Please post comments relevant to the article. Spammy comments will be deleted. All links require approval before being posted. Please include 'http://' with all URLs.