/>
X
Tech

Facebook worm "Koobface" is back

News sources are reporting the resurgence of a Facebook worm known as "Koobface". Here is what you need to know about the threat.
Written by Adam O'Donnell, Contributor

News sources are reporting the resurgence of a Facebook worm known as "Koobface". Here is what you need to know about the threat.

  • The virus strain itself is not new. Dancho covered a previous iteration of the virus a few months back.
  • The virus's behavior and propagation methods are identical to those seen in the commonplace malware-pushing spam. Infected computers are grabbing the user's Facebook credentials out of the network stream, logging into the social network site, and spamming the user's friends with a link to malware.  In this case, the malware claims to be an upgrade to the computer's Adobe Flash player.
  • Facebook itself has not been compromised, but it could have done a better job of informing users about the malware issue. Jennifer Leggio has an account of how the notification e-mail itself is somewhat confusing and contradictory.
  • Users can protect themselves by not following any instruction from a Facebook page that tells them to upgrade a standard browser plugin like Flash Player. If you are ever instructed to upgrade a plugin, go to the vendor's website directly and download the patch.

Those of you who would like a more in-depth analysis of the security issues surrounding social networks should take a look at Paul F. Robert's very timely analysis on the issue.

Editorial standards