Share
According to a report by ComScore, more people prefer Facebook over MySpace. This is all fine and dandy, even if some will not agree with the figures, but do the numbers matter to criminals? According to CA, not at all, as the security vendor points out in a recent blog post social networks are a huge draw online and that a massive influx of people only draws a target for criminals looking to spread malicious software.
More people pick Facebook over MySpace but the criminals don’t care. (IMG: J.Anderson)
In May, ComScore says Facebook pulled just over 70 million users, whereas MySpace had only slightly less. To a criminal these numbers simply mean millions of potential marks. Perhaps that is why yet another variant of Koobface, the popular social networking Worm, is making rounds.
According to CA, another variant of Koobface is hitting not just Facebook and MySpace, but Hi5, Bebo, Friendster, Fubar.com, Tagged.com, and MyYearbook.com. This new incarnation of the Worm that has plagued the social networking scene for the better part of the year, will start its Spam run by connecting to upr15may [dot] com.
After that, depending on the subdirectory it chooses, the new variant pulls a random subject and simple message from a script stored on the site. For example, any user who is infected by the Worm and has a Facebook profile will cause it to connect to upr15may [dot] com/fb to create messages that will be sent to each person on the infected users contact list. Likewise, MySpace users will trigger the scripts in upr15may [dot] com/ms.
Some of the example subjects discovered by CA are simple emoticons such as :). In other examples, they saw L.O.L., OMFG!!, W.O.W, and HA-HA-HA!! used. The actual messages sent, are odd and random to say the least. Message test could include “A--ha-ha, i saw yoour ass in the internet!! Lol” to “I caan’t beelieve you diddn’t see the ssecret cammera!” or “Man, you're great! See yourself naked, lol XD”.
The links lead to a page hosting what appears to be a YouTube video, but you will notice its spelled YuoTube. From there, you get the classic missing codec error, and if you install the “missing codec” you get Koobface. Then the process will rinse and repeat.
The normal advice and rules will apply here. Ignore the Spam and make sure you are constantly updating your anti-Malware protection. CA has discovered twenty sites hosting the new variant of Koobface, but that number is expected to rise.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story