Facebook: new variant of known virus is around

This post is also available in: Slovenian




Remember Galaxy virus  in the spring? It’s rounded again in a new outfit. Virus or better to say worm is actually called Koobface and has been with us since 2008 with lots of variants. A worm is very domestic in social networks, particular in Facebook and MySpace.

video-box.in virusIn March, Galaxy variant was covered quite a lot in media including this blog  with still very popular article Pazi kaj klikaš. This time is improving with addressing Facebook users with their personal name  in writing on their FB wall, so it looks very personal. It uses different texts and domain than last time.

Domain video-box.in is again register in India, owner is this time “Francesco DelaCorda from Italy” and host server is in Ukraine. Links redirected us to new video web page and we get alert that we must install fake flash player if we want to see video.  In fact, this file is Koobface worm that installs malicous code and is automatically spreading across social networks and works in a background like botnet.

some new texts, writing on the FB walls:

Gregor* ??? WTF http:// video-box.in/video.scr

Hey Gregor : ) http:// video-box.in/watch.php?id=Gregor

Gregor just to say I think this was you in this video or someonequite similar: )

Ha, ha Gregor. I think this is you!!! Look at you and please let me know!

New links:

http:// video-box.in.video.scr

http:// video-box.in/watch.php?id=gregor

* name of the Facebook profile owner, in this case Gregor

How the virus spread through social networks?

When the worm is installed on your computer, it review the temporary internet files and cookies, which are stored for later visiting, if it founds cookies from social network it infected cookies.

Computer becomes a zombie

Zombie computer is one that is infected with a virus, worm or other harmful programs, in most caces unwittingly abused to send spam mails and attacks other computers and servers. Zombie computers are usually connected in botnets and are mostly located at home.

During free days increased hacker attacks

Social networks are becoming popular and what is popular is very intresting for hackers and spammers. Networks are particularly vulnerable due to lack of awareness of the traps and dangers for many users. During holiday seasons and vacations hacker attacks are normally increased beacuse more people use internet than usually.

Think before you click on link and when you downloading applications from internet.

Saša

Works as system engineer in Slovenian Enterprise in Microsoft environment focusing on security, deployments, SharePoint, SCCM and CheckPoint firewall. Author of successful blog about IT security, Microsoft tips & tricks, social media, internet trends.

Leave a Reply