56th variant of the Koobface worm detected

56th variant of the Koobface worm detected

Summary: Researchers from PandaLabs are reporting on the detection of the 56th variant of the Koobface worm (Boface.BJ.

SHARE:

Researchers from PandaLabs are reporting on the detection of the 56th variant of the Koobface worm (Boface.BJ.worm), spreading across Facebook, Tagged, Friendster, MySpace, MyYearBook, Fubar.com, Hi5 and Bebo since May, 2008.

According to the company, the growth of Koobface related infections is as high as 1,200% since the first time it was detected over an year ago, where almost 40% of the infections based in the U.S, with the growth trend also confirmed by Microsoft's Malware Protection Center.

What the cybercriminals have changed this time is the template, the use of an Ukrainian web site hosting service, and the "missing" fake codec, which upon execution is not only converting the infected PC into a hosting provider part of the campaign, but is also pushing scareware, liveantimalwareproscanner .com and live-antimalware-scanner .com in particular.

Despite the ongoing industry collaboration, and with MySpace already declaring victory over Koobface, the persistence of the malware gang using social engineering tactics, typosquatting of social networking domains, and their outsourcing of the CAPTCHA breaking process aimed to slow down automated abuse of the sites, makes Koobface a success story (see sample statistics) that you should keep an eye on.

Topics: Security, Browser, Collaboration, Malware, Software Development, Social Enterprise

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • One more...

    And there will be 57 varieties. Pass the relish please.
    kozmcrae
    • Is there an OS X version?

      I don't want to be left out. Or for that matter a Linux version.
      zkiwi
    • I'll take some onions & mustard with that also.

      The crackers have too much time on their so they have make all of these variants of malware and I'm sure that this will not stop for a long time.
      phatkat
  • RE: 56th variant of the Koobface worm detected

    A WINDOWS problem. The articles never say that.

    Does this one take us over 300,000 WINDOWS VIRUSES and Worms yet?
    gertruded
  • RE: 56th variant of the Koobface worm detected

    Well done! Thank you very much for professional templates and community edition
    <a href="http://www.yuregininsesi.com">seslisohbet</a> <a href="http://www.yuregininsesi.com">seslichat</a>
    birumut