Facebook users hit by virus

Discussion in 'Computer Security' started by ~BD~, Dec 9, 2008.

  1. ~BD~

    ~BD~ Guest

    Facebook's 120 million users are being targeted by a virus designed to get
    hold of sensitive information like credit card details.

    'Koobface' spreads by sending a message to people's inboxes, pretending to
    be from a Facebook friend.

    http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
     
    ~BD~, Dec 9, 2008
    #1
    1. Advertisements

  2. Believe it or not, many of us have access to the internet, including on-line
    news. We can also read. We don't need you to guide the way.

    :
     
    Tom [Pepper] Willett, Dec 9, 2008
    #2
    1. Advertisements

  3. ~BD~

    WhidbeyTomas Guest

    "We don't need you to guide the way."
    Oh but some of us do. I just got on FaceBook yesterday. My wife was
    incensed (just a place for picking up chicks). Maybe she's right.
    Tomas
     
    WhidbeyTomas, Dec 9, 2008
    #3
  4. It is not a virus, except in the sense that all replicating malware
    are viruses.

    A recent event locally was a tanker truck carrying liquid nitrogen
    had overheated brakes causing a fire - the driver pulled over and
    emergency vehicles arrived on scene. Authorities closed off that
    portion of highway and evacuated area residences. The news I
    saw on one local station announced the event as a "crash".

    It was not a crash except in the sense that all liquid nitrogen filled
    tankers on fire are "crashes".
     
    FromTheRafters, Dec 9, 2008
    #4
  5. "We don't need you to guide the way."
    Oh but some of us do. I just got on FaceBook yesterday. My wife was
    incensed (just a place for picking up chicks). Maybe she's right.
    Tomas

    ***

    Apparently that's not *all* you can pick up.

    To ~BD~ - evidently even on topics posts from you are not wanted.
    True, many of us have access to the internet - but it seems that only
    some of us are capable of ignoring you. Their need to berate you is
    stronger than their desire to ignore you.
     
    FromTheRafters, Dec 9, 2008
    #5
  6. ~BD~

    Milo Guest

    BD thanks posting such... This is a "newsgroup for home users" your post are
    highly appreciated as such it can contribute to the awareness of the home
    users.

    Many thanks,
     
    Milo, Dec 9, 2008
    #6
  7. ~BD~

    ~BD~ Guest

    --

    Wow!

    Thanks for your post, Milo. You have no idea how much that means to me - I
    really appreciate it. Thank you. :)))

    Dave
     
    ~BD~, Dec 9, 2008
    #7
  8. ~BD~

    ~BD~ Guest

    --

    To: FTR

    At one stage I had thought of you as a 'cyberfriend' - what went wrong? Did
    you listen to PABear?

    In the context of your note here - who, exactly, are the "us" to whom you
    refer?

    Then you talk of "their" - as if you are not one of "them".

    You 'talk' in riddles - what do you *really* mean, FTR?

    Dave
     
    ~BD~, Dec 9, 2008
    #8
  9. ~BD~

    ~BD~ Guest

    "We don't need you to guide the way."
    Oh but some of us do. I just got on FaceBook yesterday. My wife was
    incensed (just a place for picking up chicks). Maybe she's right.
    Tomas

    --

    Thanks for your post 'WhidbeyTomas' :)

    Maybe you should read this article too!
    http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9123022&source=NLT_SEC&nlid=38

    Dave
     
    ~BD~, Dec 9, 2008
    #9
  10. ~BD~

    Milo Guest

    It's a good post - I do confirm about the web threat scenario infesting
    facebook recently ahead of what bbc publicly disclosed we found 1 worm and
    3 more secondary file constituting such malware activity utilizing social
    engineering. ill post a blog of my findings asap for other to look into.
     
    Milo, Dec 9, 2008
    #10
  11. From: "Milo" <>

    | It's a good post - I do confirm about the web threat scenario infesting
    | facebook recently ahead of what bbc publicly disclosed we found 1 worm and
    | 3 more secondary file constituting such malware activity utilizing social
    | engineering. ill post a blog of my findings asap for other to look into.

    From McAfee:

    Notice
    This is a Low-Profiled Threat Notice for W32/Koobface.worm

    Justification
    W32/Koobface.worm has been deemed Low-Profiled due to media attention at
    http://www.eweek.com/c/a/Security/Koobface-Virus-Turns-Up-on-Facebook/?kc=rss.

    W32/Koobface.worm is referred to as the "Koobface Virus" in the article at
    eweek.com.

    Read About It
    Information about W32/Koobface.worm is located on VIL at:
    http://vil.nai.com/vil/content/v_148955.htm

    Detection
    W32/Koobface.worm was first discovered on August 3, 2008 and detection, for this
    particular variant, was added to the 5455 dat files (Release Date: December 5, 2008).

    To stay updated and protected download the latest dat files from
    http://www.mcafee.com/us/downloads/index.html

    If you suspect you have W32/Koobface.worm, please submit a sample to
    http://www.webimmune.net
     
    David H. Lipman, Dec 9, 2008
    #11
  12. inline
    I don't like being told who to and who not to engage in conversation. I
    will respond to whom I please. If it occasionally pleases me to to respond
    to you, I will. If the topic is not one I care to respond to, I will ignore
    you.
    If you happen to post off topic crap, I won't respond by chastising you
    for posting off topic crap - I will ignore you.

    I was considering the whole 'crossposting for no reason' thing as another
    reason to ignore you.
    The 'us' to whom Tom referred. The newsgroup community I suppose, me,
    the others, and yourself. When one of the others' posts that some SP is now
    available, no-one jumps in and tells them that we are all capable of getting
    that information on the net without their help - and yet your rare on topic
    post gets that treatment.
    I'm not one of the "them" that punishes even good behaviour. With the
    exception
    of this post, I haven't been responding to off topic or posts where the
    response is
    not likely to be of interest to anyone else but you. As this post proves, I
    am not
    always succesful at this.
    You interpret in riddles.

    ....and yes, I can be confusing.
     
    FromTheRafters, Dec 9, 2008
    #12
  13. ~BD~

    ~BD~ Guest

    --

    Good answer(s) FTR - I do not intend to deal with points individually.
    Whilst you may not appreciate same, we are not disimilar in attitude and
    outlook.

    I despair when I ask a straight-forward question and receive an answer like
    this:-

    *************************************************
    I have neither the time nor the inclination, nor is this an appropriate
    forum, to educate you on how news readers function.

    --
    Paul Adare
    MVP - Identity Lifecycle Manager
    http://www.identit.ca

    *************************************************

    Surely the whole purpose of the newsgroups is for all to learn from the
    teaching/advice of others. Is this not so?

    Dave
     
    ~BD~, Dec 10, 2008
    #13
  14. ~BD~

    Milo Guest

    David what you see in those sites are actually just the surface because none
    of them got the final file the trojan dropped to as what was identified by
    bbc - its not only a resident of facebook but also of other social
    networking sites since you can create an account use some dead gorgeous
    picture of a girl/lady and put some link on it that says come look at me in
    private "videos" - then you will then be prompted to update as your adobe
    flash player then after executing such file second and 3rd file drops in
    since the first file opens particular ports.
    This is how the infection channel work

    Social networking sites / blogspots
    |- picture with ( new once with intriguing )
    |- embedded js script that
    redirects you to 2 sites

    |- utilizes a Youtube like site just misspelled ( social engineering )

    |- prompts you a video + download flash player

    |- after installing adobe flash
    player update

    |- downloads in the background 2
    more *.exe


    Also this confirms as well BD's news so no one should dissuade others to
    post such news if needed because it is real and it increases awareness of
    the home users in particular.
     
    Milo, Dec 10, 2008
    #14
  15. From: "Milo" <>

    | David what you see in those sites are actually just the surface because none
    | of them got the final file the trojan dropped to as what was identified by
    | bbc - its not only a resident of facebook but also of other social
    | networking sites since you can create an account use some dead gorgeous
    | picture of a girl/lady and put some link on it that says come look at me in
    | private "videos" - then you will then be prompted to update as your adobe
    | flash player then after executing such file second and 3rd file drops in
    | since the first file opens particular ports.
    | This is how the infection channel work

    | Social networking sites / blogspots
    | |- picture with ( new once with intriguing )
    | |- embedded js script that
    | redirects you to 2 sites

    | |- utilizes a Youtube like site just misspelled ( social engineering )

    | |- prompts you a video + download flash player

    | |- after installing adobe flash
    | player update

    | |- downloads in the background 2
    | more *.exe


    | Also this confirms as well BD's news so no one should dissuade others to
    | post such news if needed because it is real and it increases awareness of
    | the home users in particular.


    Although most of his posts (Boater Dave) are BS, I didn't reply to this one as such. As
    long as someone posts information with a URL to back up the posted information (hopefully
    an authorative URL) then it makes a *good* post.

    If you have more information on the Koobface that is technical in nature or is not
    information for public consumption, please email me with that information. Just remove
    ~nospam~ from my posted email address.
     
    David H. Lipman, Dec 10, 2008
    #15
  16. What a wierd name why would someone name a virus like that?
     
    James Matthews, Dec 12, 2008
    #16
  17. From: "James Matthews" <>

    | What a wierd name why would someone name a virus like that?


    Facebook ==> face + book
    book --> koob + face --> koobface
     
    David H. Lipman, Dec 12, 2008
    #17
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.