Yesterday, reports started circulating about a virulent piece of worm spreading through Facebook. The malicious code isn’t exactly new (it started surfacing in August), but has now been altered to strike social networking websites only and is currently making the rounds on Facebook pretty quickly, it seems. The virus can spread fast because they travel through messages which appear to come from your friends.
The Koobface messages carry subject lines like “You look so funny on our new video” or something similar, and contain a link to a video site that appears to contain a movie clip. If the user tries to watch it, a message appears saying that he or she needs the latest version of Flash Player in order to play the clip. This tricks users into downloading a file carrying the malware. An earlier version of the virus targeted MySpace users earlier this year but was quickly eliminated after new security measures were put in place.
Facebook only says on their Security page that users should use the latest antivirus software and change their password if they’ve been affected. The company also appears to be resetting passwords pro-actively and notifying users per e-mail about the possibility of having a virus on board. It’s unclear how many of the social network’s 120+ million users have been hit with the virus.
Best advice remains never to open unexpected e-mail attachments to reduce the risk of infection, even if they come from people you trust.
More information and screenshots can be found here.
(Image courtesy of MaximumPC)