Facebook Faces Koobface

Facebook Faces Koobface

image

Facebook's 120 million users are trembling with fear tonight as they face the vicious, predatory depravations of the destructive new virus known only as... Koobface.

Koobface is actually just the latest piece of malicious software that takes advantage of the feeling of security engendered by members-only social networks like Facebook. "A few other viruses have tried to use Facebook in similar ways to propagate themselves," Facebook spokesman Barry Schnitt told MSNBC, adding that a "very small percentage of users" had been affected by these viruses.

But that rate will likely grow in the future, according to McAfee researcher Craig Schmugar, who said viruses like Koobface are "on the rise, relative to other threats like emails." Part of the reason for that can actually be traced back to Facebook's security, which requires everyone who uses the system to be a member and blocks data from being accessed by those who aren't. That "members only" approach leads to a false sense of security and a less scrutinous approach to messages they receive. "People tend to let their guard down," said Chris Boyd of FaceTime Security Labs. "They think you've got to log in with an account, so there is no way that worms and other viruses could infect them."

Koobface works by sending notes to Facebook friends of people with infected computers, with subjects like, "You look just awesome in this new movie." Recipients are then directed to a website, where they are told to download what is claimed to be an update of the Adobe Flash player, but - surprise! - is actually a file that infects the computer with Koobface, which then redirects users to contaminated sites when they try to access search engines like Google, Yahoo, MSN and Live.com. Ultimately, the software attempts to gather credit card numbers and other "sensitive information."

Schmugar said McAfee hasn't yet figured out who is responsible for the virus, but said the software is continually being improved in order to stay ahead of security at Facebook and MySpace. "The people behind it are updating it, refining it, adding new functionalities," he said. Facebook has posted instructions for cleaning infected computers at facebook.com/security, although that help was either too late or too inconvenient for RLM Public Relations CEO Richard Larmer, who threw out his PC after it became infected with the virus. "It was really bad," he said. "It destroyed my computer."

It amazes me that people still fall for this stuff. Admittedly, the typical computer user of today may not be as savvy in the ways of technology as they were 25 years ago when this stuff was still largely the domain of tech nerds, but look at it this way: If you woke up one morning, wandered out to the kitchen and noticed a bottle sitting on your counter labeled "Drink Me," would you?

Permalink

Haha, I hate social networking.

I really enjoyed this article but I fear that this will create more panic than awareness.

I'll explain why ... most people on facebook (that I know) are not technologically savvy at all. They'll take any junk that is posted on one of their many walls and accept pretty much anybody onto their friend list. If indeed Koobface spreads like it is feared people will just panic ...

I see this article more as a reminder or an awareness notification. If you are about to download something from the internet, check if it is from a reliable source.

Any time I'm prompted to update one of my software programs I just go to the official web page myself, rather than using a direct link.

However (and I might be totally wrong here) I think most people that visit the escapist are somewhat "educated" in internet use, or at least they have built some experience.

Once more, nice article!

RLM Public Relations CEO Richard Larmer, who threw out his PC after it became infected with the virus. "It was really bad," he said. "It destroyed my computer."

Seriously? I mean, seriously? He threw out his PC because he got a virus? Would he throw out his car if he got a flat tire too?

I mean, assuming he knew nobody at all that had any idea how to fix the mysterious blinky box, he could even have taken it to Best Buy and they'd have fixed it.

I hope he at least donated it, or sold it to someone who could fix it, instead of tossing it into a landfill somewhere.

The thing is, I've seen these "viruses" in action. It makes me laugh because they are so pathetic since most of them just spam posts on other people's walls that belong to the certain person's friends list. They go along the lines of "Hey, I just saw your picture on *insert virus link here*! Check it out!" And you look at that certain person's page and you see just how many other people hes said this to as well. Guess what? Its just about every single person on his/her friend's list.

This stuff is nothing new, most people know that they shouldn't click on everything on the internet. Good article regardless.

Malygris:
If you woke up one morning, wandered out to the kitchen and noticed a bottle sitting on your counter labeled "Drink Me," would you?

I'd quicksave, then drink it. Then, if it all goes tits up, I'd quickload and throw it into a furnace.
Yes, yes I would, solely because I wanna be able to shrink really small and go into a tiny door.
/dumb reference

Virgil:

RLM Public Relations CEO Richard Larmer, who threw out his PC after it became infected with the virus. "It was really bad," he said. "It destroyed my computer."

Seriously? I mean, seriously? He threw out his PC because he got a virus? Would he throw out his car if he got a flat tire too?

I mean, assuming he knew nobody at all that had any idea how to fix the mysterious blinky box, he could even have taken it to Best Buy and they'd have fixed it.

I hope he at least donated it, or sold it to someone who could fix it, instead of tossing it into a landfill somewhere.

He probably really did throw it out, considering he is in fact a CEO. He probably had the latest computer on its way to his office that day anyway.

Wow, I just emailed this article to my Dad. He and a lot of my family use it all the time, so this is relevant to his interests.

Mr.Pandah:
The thing is, I've seen these "viruses" in action. It makes me laugh because they are so pathetic since most of them just spam posts on other people's walls that belong to the certain person's friends list. They go along the lines of "Hey, I just saw your picture on *insert virus link here*! Check it out!" And you look at that certain person's page and you see just how many other people hes said this to as well. Guess what? Its just about every single person on his/her friend's list.

This stuff is nothing new, most people know that they shouldn't click on everything on the internet. Good article regardless.

Well, they seem pretty stupid to us, but the thing is... there actually people falling for it :s

goncalobms:

Mr.Pandah:
The thing is, I've seen these "viruses" in action. It makes me laugh because they are so pathetic since most of them just spam posts on other people's walls that belong to the certain person's friends list. They go along the lines of "Hey, I just saw your picture on *insert virus link here*! Check it out!" And you look at that certain person's page and you see just how many other people hes said this to as well. Guess what? Its just about every single person on his/her friend's list.

This stuff is nothing new, most people know that they shouldn't click on everything on the internet. Good article regardless.

Well, they seem pretty stupid to us, but the thing is... there actually people falling for it :s

Yeah...*sigh* I think thats the sad part.

Seen it. My friend got it, and I went over, and it had the Adobe version of MS Service Pack 3. It was fscked.

I told my friends to watch out for this stuff when I first heard about it. I hope none of them get it.

xitel:
Wow, I just emailed this article to my Dad. He and a lot of my family use it all the time, so this is relevant to his interests.

I showed it to my cat and she snuck away to the garage.

She's not let me in there for weeks now, and I keep hearing sawing.

The_root_of_all_evil:

xitel:
Wow, I just emailed this article to my Dad. He and a lot of my family use it all the time, so this is relevant to his interests.

I showed it to my cat and she snuck away to the garage.

She's not let me in there for weeks now, and I keep hearing sawing.

Facebook, or the article? And also, that is why you do not teach your cat how to use doors. Or locks. Or a saw.

The_root_of_all_evil:

xitel:
Wow, I just emailed this article to my Dad. He and a lot of my family use it all the time, so this is relevant to his interests.

I showed it to my cat and she snuck away to the garage.

She's not let me in there for weeks now, and I keep hearing sawing.

I hereby award you with the invisible "King of Nonsense" badge. Wear it with pride!

Reasons to not have a facebook or myspace #23: No potential virus problems.
Hrm... Perhaps it should go higher on the list...

sirdanrhodes:
Haha, I hate social networking.

I completely agree. My wife uses Myspace and it probably the most annoying crap I have ever seen.

Virgil:

RLM Public Relations CEO Richard Larmer, who threw out his PC after it became infected with the virus. "It was really bad," he said. "It destroyed my computer."

Seriously? I mean, seriously? He threw out his PC because he got a virus? Would he throw out his car if he got a flat tire too?

I mean, assuming he knew nobody at all that had any idea how to fix the mysterious blinky box, he could even have taken it to Best Buy and they'd have fixed it.

I hope he at least donated it, or sold it to someone who could fix it, instead of tossing it into a landfill somewhere.

Unfortunately Richard Larner could not be reached for comment due to shooting himself in the head once he realized he had contracted a mild flu.

WolfMage:

Malygris:
If you woke up one morning, wandered out to the kitchen and noticed a bottle sitting on your counter labeled "Drink Me," would you?

I'd quicksave, then drink it. Then, if it all goes tits up, I'd quickload and throw it into a furnace.
Yes, yes I would, solely because I wanna be able to shrink really small and go into a tiny door.
/dumb reference

Wow, I was thinking the exact same thing.

Malygris:

It amazes me that people still fall for this stuff. Admittedly, the typical computer user of today may not be as savvy in the ways of technology as they were 25 years ago when this stuff was still largely the domain of tech nerds, but look at it this way: If you woke up one morning, wandered out to the kitchen and noticed a bottle sitting on your counter labeled "Drink Me," would you?

You underestimate the power of unbridled curiosity.

But not the power of human stupidity.

Once, on a relative's computer, I was sent a message through MSN that asked for some image to be downloaded... it was a reflex, but luckily, their anti-virus program got it.

Anyways, I hate those kind of viruses... I'd probably click on it, not because I wouldn't know it's a virus, but because it's an automatic reflex, and by the time I'd have thought it out, my computer would be infected.

ArKaiN123:

Virgil:

RLM Public Relations CEO Richard Larmer, who threw out his PC after it became infected with the virus. "It was really bad," he said. "It destroyed my computer."

Seriously? I mean, seriously? He threw out his PC because he got a virus? Would he throw out his car if he got a flat tire too?

I mean, assuming he knew nobody at all that had any idea how to fix the mysterious blinky box, he could even have taken it to Best Buy and they'd have fixed it.

I hope he at least donated it, or sold it to someone who could fix it, instead of tossing it into a landfill somewhere.

Unfortunately Richard Larner could not be reached for comment due to shooting himself in the head once he realized he had contracted a mild flu.

"Whoops, stubbed my toe. Better take the whole leg, just in case I catch the Plague."

Zippy1313:

sirdanrhodes:
Haha, I hate social networking.

I completely agree. My wife uses Myspace and it probably the most annoying crap I have ever seen.

XD
Everyone at my college goes on about Facebook and Myspace and all that crap, it's kind of nice to see them punished for it.

gah, these virus's are a danger to us non-braindeads too, my brother managed to download one of these things

dogstile:
gah, these virus's are a danger to us non-braindeads too, my brother managed to download one of these things

So did my friend and he actually bought a new computer...I told him to just A buy a new hard drive, or just reformat. I still can't believe he bought a new one.

With infections like this one, it's hard to be particularly sympathetic to those impacted by it, because the vector relies on human stupidity. Victims of worms or malicious websites that don't require you to do anything other than visit them with vulnerable software running are a lot easier to find some empathy for.

Seriously, how do people not know by now to be skeptical whenever strange messages asking you to install things show up?

To be honest if you fall for that kind of thing you deserve for it to happen to you. Anyway I'm just waiting for the money I won from the Spanish national lottery to be transferred into my account should be any day now, which is funny because I don't remember even buying a tick... O wait.

Good thing I have nothing but negative feelings towards Facebook, then. My computer's buggy enough as is. It doesn't need the electronic equivalent of the swine flu virus.

Woah, I don't know if it's even ethical... This thread has been dead for almost a year...

And while it's not some stupid VS/zombie thread, you'd think the problems were solved in a year's time - no matter how one dislikes facebook, they are nothing without users and they have to provide at last some support.

I haven't been on facebook since early 2005 or so... Just for the sake of the thread not being raised for nothing, can anyone more -ahem- recent say anything about whether the problems were fixed or not?

I'm not suprised. A lot of people who use Facebook know next to nothing about computers, viruses or security. Some of them try to keep an open mind towards things they don't understand, and then they get duped like this.

Well out of 120 million people there are bound to be idiots who click on pop ups hoping they've won something hehe. Quite an ingenious plan to send a virus into facebook, the largest social network, malicious, but effective. I don't have facebook and i look down upon many of my friends who use it to chat while they live across the street from one another.

Andy Chalk:
Facebook Faces Koobface

image

Facebook's 120 million users are trembling with fear tonight as they face the vicious, predatory depravations of the destructive new virus known only as... Koobface.

Koobface is actually just the latest piece of malicious software that takes advantage of the feeling of security engendered by members-only social networks like Facebook. "A few other viruses have tried to use Facebook in similar ways to propagate themselves," Facebook spokesman Barry Schnitt told MSNBC, adding that a "very small percentage of users" had been affected by these viruses.

But that rate will likely grow in the future, according to McAfee researcher Craig Schmugar, who said viruses like Koobface are "on the rise, relative to other threats like emails." Part of the reason for that can actually be traced back to Facebook's security, which requires everyone who uses the system to be a member and blocks data from being accessed by those who aren't. That "members only" approach leads to a false sense of security and a less scrutinous approach to messages they receive. "People tend to let their guard down," said Chris Boyd of FaceTime Security Labs. "They think you've got to log in with an account, so there is no way that worms and other viruses could infect them."

Koobface works by sending notes to Facebook friends of people with infected computers, with subjects like, "You look just awesome in this new movie." Recipients are then directed to a website, where they are told to download what is claimed to be an update of the Adobe Flash player, but - surprise! - is actually a file that infects the computer with Koobface, which then redirects users to contaminated sites when they try to access search engines like Google, Yahoo, MSN and Live.com. Ultimately, the software attempts to gather credit card numbers and other "sensitive information."

Schmugar said McAfee hasn't yet figured out who is responsible for the virus, but said the software is continually being improved in order to stay ahead of security at Facebook and MySpace. "The people behind it are updating it, refining it, adding new functionalities," he said. Facebook has posted instructions for cleaning infected computers at facebook.com/security, although that help was either too late or too inconvenient for RLM Public Relations CEO Richard Larmer, who threw out his PC after it became infected with the virus. "It was really bad," he said. "It destroyed my computer."

It amazes me that people still fall for this stuff. Admittedly, the typical computer user of today may not be as savvy in the ways of technology as they were 25 years ago when this stuff was still largely the domain of tech nerds, but look at it this way: If you woke up one morning, wandered out to the kitchen and noticed a bottle sitting on your counter labeled "Drink Me," would you?

Permalink

I think a lot of people would assume that bottle of drink me was left there by their significant other or their children. And yes, they would drink it.

 

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Register for a free account here