Tech
Facebook worm "Koobface" is back
News sources are reporting the resurgence of a Facebook worm known as "Koobface". Here is what you need to know about the threat.
![zd-defaultauthor-adam-odonnell.jpg](https://www.zdnet.com/a/img/resize/cc0b22b4f9e2e10ae88f5d8d178415df2cb92173/2014/12/04/dd833bd8-7b61-11e4-9a74-d4ae52e95e57/zd-defaultauthor-adam-odonnell.jpg?auto=webp&fit=crop&frame=1&height=192&width=192)
News sources are reporting the resurgence of a Facebook worm known as "Koobface". Here is what you need to know about the threat.
- The virus strain itself is not new. Dancho covered a previous iteration of the virus a few months back.
- The virus's behavior and propagation methods are identical to those seen in the commonplace malware-pushing spam. Infected computers are grabbing the user's Facebook credentials out of the network stream, logging into the social network site, and spamming the user's friends with a link to malware. In this case, the malware claims to be an upgrade to the computer's Adobe Flash player.
- Facebook itself has not been compromised, but it could have done a better job of informing users about the malware issue. Jennifer Leggio has an account of how the notification e-mail itself is somewhat confusing and contradictory.
- Users can protect themselves by not following any instruction from a Facebook page that tells them to upgrade a standard browser plugin like Flash Player. If you are ever instructed to upgrade a plugin, go to the vendor's website directly and download the patch.
Those of you who would like a more in-depth analysis of the security issues surrounding social networks should take a look at Paul F. Robert's very timely analysis on the issue.