AROUND THE WEB
Once a computer has become infected with the Kooface worm, it spams the friends belonging to the owner of the computer by leaving comments on their profiles. Those comments appear to come from the infected user, saying things like "Are you sure this is your first acting experience?", "is it u there?", "impressive. i'm sure it's you on this video", "How can anyone get so busted by a spy camera?" and "You're the whole show! i'm admired with you." Save for that last one, whose bad English will likely raise a flag that all is not what it seems, the other comments appeal to people's vanity. They wonder: is that really a video of me? and then click through on the link provided.
Facebook Elaborate Virus on TechCrunch
BOSTON - Facebook's 120 million users are being targeted by a virus dubbed "Koobface" that uses the social network's messaging system to infect PCs, then tries to gather sensitive information such as credit-card numbers.
It is the latest attack by hackers increasingly looking to prey on users of social-networking sites.
"A few other viruses have tried to use Facebook in similar ways to propagate themselves," Facebook spokesman Barry Schnitt said in an e-mail. He said a "very small percentage of users" had been affected by these viruses.
It is on the rise, relative to other threats like e-mails," said Craig Schmugar, a researcher with McAfee Inc.
Koobface spreads by sending notes to friends of someone whose PC has been infected. The messages, with subject headers like, "You look just awesome in this new movie," direct recipients to a Web site where they are asked to download what it claims is an update of Adobe Systems Inc's Flash player.
If they download the software, users end up with an infected computer, which then takes users to contaminated sites when they try to use search engines from Google, Yahoo, MSN and Live.com, according McAfee. (Msnbc.com is a joint venture between Microsoft and NBC Universal.)
McAfee warned in a blog entry on Wednesday that its researchers had discovered that Koobface was making the rounds on Facebook.
Facebook requires senders of messages within the network to be members and hides user data from people who do not have accounts, said Chris Boyd, a researcher with FaceTime Security Labs. Because of that, users tend to be far less suspicious of messages they receive in the network.