-
October 24th, 2008, 12:06 PM
#1
Facebook attacked by vicious virus
FACEBOOK users are under attack from a virus sweeping through the online social network.
The virus is technically a trojan worm that disguises itself as an email from facebookmail.com.
People are enticed to click on a misspelled video or picture link that directs to a malicious web site.
The title of the dodgy links vary from "Maan,yyou’re great!" to "your ass looks not bad in this video", "Some0ne thinks your special and has a *Hot_Crush* on you. Find out who it could be*" or a youtube link that says '"i can see yooooooooo".
The worm spreads its tentacles by emailing everyone on the victim’s friend list.
According to anti-virus software company Symantec, the trojan works by executing a worm called W32.Koobface.A that searches for cookies on the user’s machine.
If the worm finds the appropriate Facebook cookie, it modifies the users account settings and profile - adding links to malicious sites to trick others into installing the invader.
Facebook discussion boards talk about the trojan directing users to a page which looks like YouTube.
The phoney page asks the user to install a video player upgrade.
Installing the fake upgrade allows the worm to work its magic and access files on the victim’s machine while destroying their Facebook account.
The trojan comes just months after Facebook said it was working to protect its user from phishing scams.
Facebook has begun combating the virus by deactivating link when it can.
Facebook has not released an official comment regarding the attack.
So to all those that have Facebook just be careful
-
October 24th, 2008, 11:06 PM
#2
My view is that MySpace, Facebook, YouTube, e-bay, and such sites are too immature at the moment.
This kind of stuff reminds me of the problems that the e-mail account providers used to suffer from back in the old days?
Fast buck and £$%^&* the user security?
-
October 25th, 2008, 08:25 PM
#3
That's corporate America for ya. It's all about the "almighty" dollar.
-
October 26th, 2008, 08:07 AM
#4
Everyone and their grandmother has taken over an AO account.
Whimper to to JupM about it.
It'll make you feel really smart and anti-establishment.
-
October 26th, 2008, 09:27 PM
#5
@keezel @nihil
...and how exactly can a service provider reliably defend against a compromised user base? its not like they have jurisdiction to provide any level of security to infected asshats. might as well blame gmail when you receive storm botnet spam.
-
November 13th, 2008, 05:33 AM
#6
Originally Posted by d34dl0k1
@keezel @nihil
...and how exactly can a service provider reliably defend against a compromised user base? its not like they have jurisdiction to provide any level of security to infected asshats. might as well blame gmail when you receive storm botnet spam.
That's a very good point! I missed this because I never came back to the thread...but good point.
At least one thing they could possibly improve is their email system. Instead of spamming the sh*t out of their members they could restrain themselves and say "Facebook will never ask for your password in an email." as well as "Facebook will never provide links in your email" (which as it stands would be a blatant lie).
I think it's more of a problem with how they have set a bad precedent. People are in the bad habit of opening emails labeled "facebook" and clicking on links to see who's talking about them or who's pregnant or who's suddenly single or whatever.
Also, although the sites and servers themselves are arguably secure, they could do quite a bit more on that end as well.
-
November 14th, 2008, 03:39 AM
#7
I think it's more of a problem with how they have set a bad precedent. People are in the bad habit of opening emails labeled "facebook" and clicking on links to see who's talking about them or who's pregnant or who's suddenly single or whatever.
That's exactly the problem. Immature users clicking before thinking. I personally detest websites like Myspace, facebook, and the 'social networking' type things...they are just breeding grounds for this type of malicious behavior. Sure, they can be fun and all, but many of the users are ignorant of security concerns and have HUGE targets painted on their backs to be exploited. The sites themselves are not at fault (although they could try a little harder to protect the users), rather it is the 13 or 30 year old idiot that ignores potential threats and gets wrapped up in the 'experience' of having a pic and a bio on a website and subsequently shoots themselves in the foot by being suckered into garbage like this that are ultimately at fault. User responsibility, plain and simple
O
"entia non sunt multiplicanda praeter necessitatem"
"entities should not be multiplied beyond necessity."
-Occam's Razor
Similar Threads
-
By E5C4P3 in forum AntiVirus Discussions
Replies: 12
Last Post: April 30th, 2013, 08:05 PM
-
By foxdie in forum AntiVirus Discussions
Replies: 11
Last Post: April 4th, 2004, 02:52 AM
-
By sumdumguy in forum Tech Humor
Replies: 20
Last Post: July 6th, 2002, 07:10 PM
-
By ahmedmamuda in forum AntiVirus Discussions
Replies: 2
Last Post: March 20th, 2002, 02:03 AM
-
By 3ntropy in forum AntiOnline's General Chit Chat
Replies: 10
Last Post: March 4th, 2002, 11:32 PM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|