Facebook Users Be Careful Clicking Links On Your Wall

by Frank Jovine on 11/10/2009 in Security, Security Tips

Once again the devious Koobface botnet has created a new component that automates the following routines on Facebook:

  • Registering a Facebook account
  • Confirming Email address to activate the registered Facebook account
  • Joining random Facebook groups
  • Adding Facebook friends
  • Posting message to Facebook friends’ wall

About Koobface

Koobface is a revolutionary malware, being the first to have a successful and continuous run propagating through social networks. Its success can, unfortunately, set a precedent for other malware families to abuse social networking sites.

Koobface is composed of various components, each with specific functionality. While most malware cram their functionality into one file, Koobface divides each capability into different files that work together to form the Koobface botnet.

How to avoid Koobface

My advice is to avoid adding anyone you do not know! This new component acts just like a real internet user and can perform all the functions a human internet user can. It’s difficult to decipher who’s-who, as the automated component can complete an account with photos, birth date, favorite music, and favorite books. Each account created by this automated component is unique and the details vary with every account registered.

Koobface is smart, real smart, so don’t think you can’t be fooled. It accomplishes these malicious activities by automating Internet Explorer to perform the task of creating and registering an account. Moreover, it employs a check if it already reached the maximum friend requests set by Facebook or not. This helps prevent the Facebook administrators from raising any red flags.

The messages posted through Facebook’s wall will contain a link where the Koobface loader component is located.

Facebook users are advised to be careful!

  • Share/Bookmark

13 Responses to “Facebook Users Be Careful Clicking Links On Your Wall”

  1. BunnygotBlog

    Nov 10th, 2009

    I am so happy you sent me this tonight. I was just thinking about joining more sites.Maybe I will hold off for a while.
    Thanks Frank You ROCK!

  2. Frank J

    Nov 10th, 2009

    Bunny,

    If you don’t know the person who wants to be your friend, ignore them.

  3. BunnygotBlog

    Nov 10th, 2009

    I think I will stick on the ones I have with my friends that I have made already.

    Like YOU !

    • Frank J

      Nov 11th, 2009

      Bunny,

      Smart move. I would not add anyone until FB has a solution to block this issue.

  4. dagorret

    Nov 10th, 2009

    This malware is the same that caused the fall of Twitter for an attack.

    http://www.dagorret.net/2009/08/06/did-koobface-cause-the-twitter-ddos-attack/

    • Frank J

      Nov 11th, 2009

      Dagorret,

      Thanks for the link share. This is similar to what occurred on Twitter.

  5. Teasastips

    Nov 10th, 2009

    I am very careful about adding friends I do not know on Facebook. One of my friends on Facebook caught a virus that was sent to him as a video. Someone was masquerading as his friend and sent him an email to his Facebook inbox. He opened the email and not only did it affect him, it also sent the video to all his friends. The friends that opened the email were also infected, and so on. All I can say is be careful.

  6. Mike McEvoy

    Nov 11th, 2009

    Yeah, the Koobface malware is nasty. Plus it seems like it doesn’t go away. Its been been circulating for some time now and continues to rear its ugly head. Good advice for avoiding this one. Also, keeping all antivirus and internet security software up to date is important.

    • Frank J

      Nov 11th, 2009

      Mike,

      Koobface is a botnet which means they create many variations of exploits. They may never go away, but it will keep the security companies profitable.

  7. Michael Aulia

    Nov 11th, 2009

    A friend’s account actually got hacked a few days ago. I was surprised that she posted something like “I was making $60 today from **a link**”

    I thought she was serious so I clicked on it. Thank goodness nothing happened
    But I guess I’m kinda side tracked a bit, forgive me :D

    • Frank J

      Nov 11th, 2009

      Michael,

      Users need to be extra cautious now and especially during the holiday season.

  8. facebook application development

    Nov 13th, 2009

    On social networks especially Facebook, user must care to add the friends

  9. BadEvan

    Nov 16th, 2009

    I’ve been lucky enough, or wise enough, to not get hit with this one. My little sister got hit with TheFeedWater. Took awhile to get it off her system.