Tuesday, 4 June 2013

Koobface -- Hijacking of Facebook accounts

Koobface, the fast-spreading Internet worm cybergangs use to hijack Facebook accounts on a massive scale, is on the move once again.

McAfee this morning released a threat report showing samples of Koobface spiking in the Internet wild all through the first three months of 2013.

The logons, contacts and preferences stolen from Facebook accounts feed intelligence into the cyberunderground which spammers can use to hone their spam campaigns.

For instance, they can fake Facebook postings and messages to specific individuals at targeted companies to help them gain access inside corporate networks, where they seek out and usurp privilege accounts. It's not hard to imagine a well-positioned intruder discovering ways to overcome spam filters at targeted companies.

Koobface is a case study of how swiftly cybercriminals react to emerging trends. Its creators initially sent Facebook users friendly messages asking them to click on a link to see a video. Doing so called up another message asking the recipient to click on an executable file — a small computer program — needed to upgrade a video player required to view the video. In a classic bait-and-switch, clicking on the file instead turned over control of the PC to the attackers.

The worm then automatically sent similar viral messages from the victim's account to his or her Facebook friends.

By clicking on the malicious file, the victim intentially chooses to run the bad code. So no actual hack of the computer's hard drive is needed.

Sent from my BlackBerry® smartphone from Etisalat. Enjoy high speed mobile broadband on our easyblaze and plans for BlackBerry. Visit www.etisalat.com.ng for details.