New Worm Attack on Facebook and MySpace Users

Facebook and MySpace users are threatened by a new worm
Comments: Facebook and MySpace users are threatened by a new worm
Credits: techshout

Kaspersky Lab released a warning for MySpace and Facebook users, regarding two new versions of a worm, Net-Worm.Win32.Koobface.a. and Net-Worm.Win32.Koobface.b respectively, that put the security of those who have accounts on the two web services at risk.

The MySpace worm creates some catchy phrases that are sent to friends' accounts. Appealing taglines, such as "You must see it!!! LOL. My friend catched you on hidden cam" or "Paris Hilton Tosses Dwarf On The Street", are used to create spam messages that, click by click, are spread all over the network.

The spam messages Kaspersky specialists discovered include links to http://youtube.[skip].pl. and those who choose to click on these links are redirected to another address, http://youtube.[skip].ru. If users want to see the video they were interested in, they are told to click on an executable file that will provide them with the latest Flash Player version, which is compulsory in order to watch the media file. The codesetup.exe is installed on the computer and it acts as a link between Facebook and MySpace accounts. Users who received the spam message on one of the two networks would actually download the other worm on their computers.

Social networks have plenty of users, and most of them are not very careful when they click on some links apparently sent by their friends. If the link they are invited to visit actually contains some hidden malware, the damage extends not only to their social network accounts, but to a wider range of Internet applications.

"Unfortunately, users are very trusting of messages left by 'friends' on social networking sites. So the likelihood of a user clicking on a link like this is very high," says Alexander Gostev, Senior Virus Analyst at Kaspersky Lab. "At the beginning of 2008 we predicted that we'd see an increase in cybercriminals exploiting MySpace, Facebook and similar sites, and we're now seeing evidence of this. I'm sure that this is simply the first step, and that virus writers will continue to target these resources with increased intensity," he further noted.

[Source: softpedia]