I still remember the Koobface virus that had previously attacked the popular social networking site, Facebook?
Now comes the latest virus variants Koobface. However, it is surprising that the link in the Facebook inbox page, which actually leads to the 'perverted'. On the front page looks familiar with YouTube, but false, with false comments from the 'viewer'. If the link is click, the user will be directed to a page hosting a video that is sent by the same person, who has been sending a message from Facebook before. The facts of the sender is not only a name, but also photos from his Facebook profile.
With the click the "Install" it will directly download the setup.exe file is detected as a variant Koobface the latest security company TrendMicro detected as a worm "koobface.az". According blog.trendmicro.com, there have been more than 300 unique IP that has to click setup.exe. IP all the victims will be detected as "html_koobface.ba".
According to the analyst's view of the engineer TrendMicro, worms koobface.az the first time will find the cookies created by the site a friend as follows:
* Facebook.com
* Hi5.com
* Friendst er.com
* Myyearbook.com
* Myspace.com
* bebo.comtagged.com
* Netlog.com
* fubar.comlivejournal.com
Worm will then be connected with the social networking site is using user login detail, obtained from cookies. After that, the new worm variants will be looking for another friend, who will then send a message containing a link, where the worm will copy the download to users. In addition, the virus will also send information from the infected computer to some server
Now comes the latest virus variants Koobface. However, it is surprising that the link in the Facebook inbox page, which actually leads to the 'perverted'. On the front page looks familiar with YouTube, but false, with false comments from the 'viewer'. If the link is click, the user will be directed to a page hosting a video that is sent by the same person, who has been sending a message from Facebook before. The facts of the sender is not only a name, but also photos from his Facebook profile.
With the click the "Install" it will directly download the setup.exe file is detected as a variant Koobface the latest security company TrendMicro detected as a worm "koobface.az". According blog.trendmicro.com, there have been more than 300 unique IP that has to click setup.exe. IP all the victims will be detected as "html_koobface.ba".
According to the analyst's view of the engineer TrendMicro, worms koobface.az the first time will find the cookies created by the site a friend as follows:
* Facebook.com
* Hi5.com
* Friendst er.com
* Myyearbook.com
* Myspace.com
*
* Netlog.com
*
Worm will then be connected with the social networking site is using user login detail, obtained from cookies. After that, the new worm variants will be looking for another friend, who will then send a message containing a link, where the worm will copy the download to users. In addition, the virus will also send information from the infected computer to some server
Source : beritanet
0 comments:
Post a Comment