While the owner of a website can take steps to ensure that there is no security holes to sneak worms into their websites, there is absolutely no guarantee way from preventing malicious code running on client computers from abusing stolen website credentials. This is an exact practical problem has been facing by the facebook authority for recent months and it became absolutely critical with the actions of most recent computer worm called “koobface”.
The koobface worm, originally detected by the Kaspersky Labs in August, has been again increasingly spreading on Facebook in recent week. As of Kaspersky, this how it works :
“The messages and comments include texts such as Paris Hilton Tosses Dwarf On The Street; Examiners Caught Downloading Grades From The Internet; Hello; You must see it!!! LOL. My friend catched you on hidden cam; Is it really celebrity? Funny Moments and many others.
" ... include links to http://youtube.[skip].pl. If the user clicks on this link, s/he is redirected to http://youtube.[skip].ru, a site which purportedly contains a video clip. If the user tries to watch it, a message appears saying that s/he needs the latest version of Flash Player in order to watch the clip. However, instead of the latest version of Flash Player, a file called codecsetup.exe is downloaded to the victim machine; this file is also a network worm. ”
It simply says that you are misguided by a bogus chain letter (in almost all cases, the sender is pretended to be one of your friend) asking you to install a latest version of software and instead of making your computer more secure, your computer become another zombie (your computer will be controlled by a remote person without your knowledge) in the internet. At the moment it installed, it will start reading your cookies and start sending infected messages to your friends and thus it also preventing you to searching in well-known search engines (google,yahoo) and directs you to less-known search engines.
Currently thousands of facebook users are already affected by this worm, however Facebook still fails to guarantee to protects the personal information of 120+ million of its users. Some of the Facebook responses are
The koobface worm, originally detected by the Kaspersky Labs in August, has been again increasingly spreading on Facebook in recent week. As of Kaspersky, this how it works :
“The messages and comments include texts such as Paris Hilton Tosses Dwarf On The Street; Examiners Caught Downloading Grades From The Internet; Hello; You must see it!!! LOL. My friend catched you on hidden cam; Is it really celebrity? Funny Moments and many others.
" ... include links to http://youtube.[skip].pl. If the user clicks on this link, s/he is redirected to http://youtube.[skip].ru, a site which purportedly contains a video clip. If the user tries to watch it, a message appears saying that s/he needs the latest version of Flash Player in order to watch the clip. However, instead of the latest version of Flash Player, a file called codecsetup.exe is downloaded to the victim machine; this file is also a network worm. ”
It simply says that you are misguided by a bogus chain letter (in almost all cases, the sender is pretended to be one of your friend) asking you to install a latest version of software and instead of making your computer more secure, your computer become another zombie (your computer will be controlled by a remote person without your knowledge) in the internet. At the moment it installed, it will start reading your cookies and start sending infected messages to your friends and thus it also preventing you to searching in well-known search engines (google,yahoo) and directs you to less-known search engines.
Currently thousands of facebook users are already affected by this worm, however Facebook still fails to guarantee to protects the personal information of 120+ million of its users. Some of the Facebook responses are
- deleting content generated by the worm (Facebook says they have “again contained” it) and spammy chain letters
- posting updates on the status of security issues to the Facebook Security Page and publishing best practices for users
- blocking Wall posts that contain links to known phishing sites
- improving its automated systems to automatically detect abuse on the site more quickly
- pursuing many of the perpetrators
How you can survive ?
As you may have now understood, koobface is really hard to recognize directly (since worm appear to be a message received from one of your friend). Therefore it is advised not to share your passwords with others and to never open unexpected mails even if they come from your friends. Thus, Facebook recommends always use latest anti-virus software which we already know since our childhood :).
Sources : insidefacebook,techcruch
No comments:
Post a Comment