Kaspersky Lab, a leading provider of security solutions that protect against viruses, Trojans, worms, spyware, crimeware, rootkits, phishing, hacker attacks and spam, has detected two variants of a new worm, Networm.Win32.Koobface.a. and Networm.Win32.Koobface.b, which attack the social netoworking websites MySpace and Facebook respectively. As part of their malicious payload, the worms transform victim machines into zombie computers to form botnets.
Even though the worms are currently only infecting MySpace (www.myspace.com) and Facebook (www.facebook.com) users, Kaspersky Lab analysts are warning users that the worms are designed to upload additional malicious modules with other functionality via the Internet. It is highly probable that victim machines will not only be used for spreading links via these social networking sites, but the botnets will also be used for other malicious purposes.
Net-Worm.Win32.Koobface.a spreads when a user accesses their MySpace account. The worm creates a range of commentaries to friends' accounts. Net-Worm.Win32.Koobface.b, which targets Facebook users, creates spam messages and sends them to the infected users' friends via the Facebook site. The messages and comments include texts such as Paris Hilton Tosses Dwarf On The Street; Examiners Caught Downloading Grades From The Internet; Hello; You must see it!!! LOL. My friend catched you on hidden cam; Is it really celebrity? Funny Moments and many others.
Messages and comments on MySpace and Facebook include links to youtube.[skip].pl. If the user clicks on this link, s/he is redirected to http//youtube.[skip].ru, a site which purportedly contains a video clip. If the user tries to watch it, a message appears saying that s/he needs the latest version of Flash Player in order to watch the clip. However, instead of the latest version of Flash Player, a file called codesetup.exe is downloaded to the victim machine; this file is also a network worm. The result is that users who have come to the site via Facebook will have the MySpace worm downloaded to their machines, and vice versa.
“Unfortunately, users are very trusting of messages left by 'friends' on social networking sites. So the likelihood of a user clicking on a link like this is very high,” says Alexander Gostev, Senior Virus Analyst at Kaspersky Lab. The detection of these malicious programs further highlights the necessity for users of social networking sites and the Internet in general, including both home users and organisations, to ensure all machines are well protected against all current and future threats.
In May 2008 the BBC (http://news.bbc.co.uk/1/hi/programmes/click_online/7375772.stm) identified how it was possible for Facebook users to have their personal details stolen via a malicious program, masquerading as a harmless application that users add to their profile. “The risk of identity theft and fraud continue to be high on the news agenda. 2008 forecasts predict that phishing attacks on social networking sites such as Facebook, bebo and MySpace are a real threat”, comments David Emm, Senior Technology Consultant with Kaspersky Lab.
National Statistics (ONS) for September 2007 showed that 88.4 % of UK Internet users have access to broadband. The Kaspersky Lab wireless security survey published in July 2008 highlights that 57% of UK homes are wireless enabled. However, only 35% of those who are wireless enabled have taken adequate steps to secure their wireless router and PC. Emm explains, “Kaspersky Lab currently adds up to 1000 new signatures to its anti-malware database daily. Last week we reached one million signatures and while the bells and whistles type threats have gone away, today's threats are silent, malicious and growing at pace.”
Kaspersky Lab’s award-winning Kaspersky® Internet Security 2009 provides home PC and laptop users with all-in-one security for worry-free computing. With hourly updates, consistently high detection rates and free telephone technical support, the UK’s 2nd most popular choice for Internet security features a new antivirus engine for dramatically improved protection, performance and reliability - and a new user interface now makes this product even easier to use. Kaspersky® Internet Security 2009 includes a two-way firewall, parental control features - and a virtual keyboard for safer online banking.