Koobface is a computer worm that spreads through malicious Web links and affects Facebook and MySpace users running unpatched versions of Windows. Upon successfully infecting a computer, it steals social networking logon information, uses it to create spam messages, and sends them to the victim's friends on Facebook or MySpace, depending upon the variant. The spammed links typically lead to a video site that purports to require a download to view the video. Attempting the download delivers malware that tries to compromise the user's computer and continues infecting other computers through social networks.
In a Facebook blog post, Jeff Williams, a principal group program manager for the Microsoft Malware Protection Center, explains that Microsoft worked with Facebook to add Koobface to its Malicious Software Removal Tool. "Since releasing our newest version of MSRT two weeks ago, we've removed Koobface nearly 200,000 times from over 133,677 computers in more than 140 different locales around the world," he said.
That isn't the end of the problem, however. As Williams notes, Koobface is highly polymorphic, meaning that it's constantly changing to look like something else. So far, he said, there have been more than 20,000 Koobface variants. This, incidentally, is why signature-based malware detection alone is no longer sufficient to protect computers.
Microsoft has a free online virus scanner that may help to identify computers infected by Koobface. The best precaution is not to click on links, or agree to download files, from untrusted sources.
According to Deloitte's sixth annual Global Security Survey, released in February, people are identified as the most significant vulnerability to information systems. "Human error is overwhelmingly stated as the greatest weakness this year (86%), followed by technology (a distant 63%)," the report states. It attributes the rising risk to increased adoption of new technologies and social networking.