Koobface Worm Returns to Twitter, Facebook, and Myspace

If you use Facebook, Twitter or MySpace, then you should be aware of a new version of Koobface which is back with a vengeance. The infamous Koobface Worm, which is known to attack popular social networks such as Facebook, MySpace and Twitter, is back and more intelligent than ever. A newer variation of the Koobface parasite shows up through a link that contends to be a popular or interesting video posted on a user’s profile. Once a computer user clicks on the video to view it, then it will ask that you upgrade the flash player, which is nothing more than a trick to secretly download a virus onto your system.

This sounds all too familiar. The old tactic of downloading a malicious flash player update file to infect computer users with some type of parasite dates back to last year in cases such as the CNN.com Daily Top 10 emails. Even still, this old tactic is being used once again by Koobface. It is still being used because it has proven to still be very effective in spreading computer infections such as Koobface.

Currently Koobface is not only effecting Facebook and Twitter, but it is spreading across many other networks including friendster.com, myspace.com, myyearbook.com, livejournal.com, bebo.com and hi5.com. Some social networks, such as Twitter, now have the ability to diffuse repeated URLs which are usually malicious. Many times hackers use URL shortener services such as bit.ly or tinyurl to flood profiles with links that attempt to hide the embedded malicious URL. The updated version of Koobface is now able to randomize the short link and then redirect the unsuspecting computer user to a look-alike Facebook page. Typically, this would make you will feel right-at-home when you land on a familiar looking Facebook page but little do you know, it is a malicious page designed to infect your system.

Examples of malicious links on Twitter that redirect users to a page designed to trick users into downloading Koobface:

(source: mashable.com)Example of malicious video link on Facebook that downloads a fake flash player which is bundled with the Koobface worm:

In the past, malicious messages were usually caught and stopped because the tactics became very familiar such as in the case of a fake flash video link taking you to the same old video. Now, to add to the confusion, the newer variant of Koobface is able direct computer users to random videos instead of the same "known-to-be-malicious" titled video.

You may ask, what is the best way for me to avoid falling victim to Koobface other than ceasing use of my Twitter and Facebook accounts? Unfortunately there is not sure way of avoiding Koobface. However, you can use and practice "online street smarts" which means you should not take everything for face-value. If you see that a so-called follower on Twitter has sent you a link to a video, then it is best that you check the source of the link before clicking on it. Never install applications that you are unsure of or did not look for in the first place. If you ever need to download and install an application, then it is best to download it directly from the vendor's website instead of a 3rd party.

Social networks have had a long history of being attacked and the Koobface worm is just another notch in the belt of hackers. Has an account belonging to you on a large social network ever been attacked? If so, what happened? Were you a victim of the Koobface worm?