Malwareaware

Wednesday, 10 July 2013

Spotlight On Malware: The Koobface Worm

Posted on 05:41 by Unknown
For today's blog post, we will be talking about a worm that first appeared in 2008 and has not really left, as new variants are constantly being released.

Koobface is a multi-platform computer worm that spreads primarily via social networks such as Facebook (of which its name is an anagram), Twitter, Friendster, MySpace, and other then-popular social networks. By multi-platform, I mean that Koobface is designed to infect Windows, Mac OS X, and Linux.

Upon successful infection, Koobface ultimately attempts to gather login information for websites and programs that require passwords, such as social networks and Skype. Strangely, it does not attempt to gather sensitive financial information. It then uses the infected computers to build a peer-to-peer botnet: an infected computer contacts other infected computers to receive commands. The botnet is used to install pay-per-install malware as well as to hijack search results to display advertisements.

Koobface originally spread by delivering Facebook messages to people who are friends of a Facebook user whose computer has already been infected. The message directs the recipient to a third-party website, where they are prompted to download what is purported to be an update to Adobe Flash Player. If they download and execute the file, Koobface infects their computer.
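The lure described above, a link to a third-party site offering a supposed Adobe Flash Player update, can be looked for in web proxy logs. The following is an added example, not part of the original post; the log format, the sample lines, and the list of trusted Adobe host suffixes are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: host suffixes from which a genuine Flash Player installer would come.
TRUSTED_SUFFIXES = ("adobe.com", "macromedia.com")
# File names that claim to be a Flash Player installer or update.
FLASH_NAME = re.compile(r"flash[\W_]*(player|update|setup|install)", re.I)
EXECUTABLE_EXT = (".exe", ".scr", ".msi", ".dmg", ".pkg", ".jar")

# Constructed proxy log lines in the form "<client> <url>" (reserved example hosts).
SAMPLE_LOG = """\
10.0.0.5 http://video-share.example.net/watch/flash_player_update.exe
10.0.0.5 https://get.adobe.com/flashplayer/install_flash_player.exe
10.0.0.7 http://adobe.com.updates.example.org/Flash-Player-Setup.EXE
10.0.0.8 http://cdn.example.com/docs/flash-player-release-notes.pdf
10.0.0.9 not-a-url
"""

def host_is_trusted(host):
    """True only for a trusted domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def is_fake_flash_download(url):
    """Flag an executable named like a Flash update served from an untrusted host."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False  # malformed or non-web entry: nothing to judge
    filename = parts.path.rsplit("/", 1)[-1].lower()
    if not filename.endswith(EXECUTABLE_EXT):
        return False  # documents and pages are out of scope for this check
    if not FLASH_NAME.search(filename):
        return False
    return not host_is_trusted(parts.hostname)

def triage(log_text):
    """Return (client, url) pairs worth a closer look."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 2 and is_fake_flash_download(fields[1]):
            hits.append((fields[0], fields[1]))
    return hits

if __name__ == "__main__":
    for client, url in triage(SAMPLE_LOG):
        print(f"{client} fetched a suspicious 'Flash update': {url}")
```

The third sample line shows why the host is matched on its suffix rather than by substring: a lookalike host that merely begins with `adobe.com` is still flagged.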

Koobface can then commandeer the computer's search engine use and direct it to infected websites.

Among the components downloaded by Koobface are a DNS filter program that blocks access to well-known security websites and a proxy tool that allows the attackers to abuse the infected computer.

It is worth noting that Koobface has inspired quite a few hoaxes across social networking websites, mainly Facebook. These hoaxes claim, among other things, that accepting hackers as Facebook friends will download Koobface onto your computer. These hoaxes are untrue, and some are even inspired by older fake-virus hoaxes that remain false.

Thank you for reading. I invite readers to comment with any questions or thoughts. And if you were at one point infected with Koobface, you can also share your story.
Posted in Macs, Spotlight On Malware, Windows | No comments