It appears that a worm has been sending Facebook users malicious code. Facebook users were sent a "You look funny in this new video" in their in boxes. When the viewer is on the video site, a message says an update of Flash is needed before the video can be displayed. The viewer is prompted to open a file called flash_player.exe. When the viewer approves the istallation of Flash Koobface attempts to download a program called tinyproxy.exe. This loads a proxy server called Security Accounts Manager (SamSs) the next time the computer boots up. Koobface then listens to traffic on TCP port 9090 and proxies all outgoing HTTP traffic. So if you search something on Google, Yahoo, MSN, or Live then there's a possiblity that you may be hijacked to other maybe unknown sites. Schmugar said "this version of Koobface includes a bot-like component that could install other malicious apps at a later time."
But only a small percentage Facebook users have been affected.
Wow...that's weird. So if you have Facebook and your computer have been infected, Facebook has posted instructions on how to remove the infection on, Facebook.com/security
Source:Vamosi, R (2008, December 4). Koobface virus hits Facebook. Retrieved December 5, 2008, from cnet.com Web site: http://news.cnet.com/8301-1009_3-10113981-83.html?tag=TOCmoreStories.0
0 comments:
Post a Comment