Tuesday, September 01, 2009
Koobface goes after social networking site users
Andrew Brandt has written a major account of how he “tested” Koobface malware on Twitter, Myspace, and Facebook, and gives some details as to how each service tries to deal with malware. With Myspace he had some particular annoyance in having to repeatedly change passwords.
The account in the Webroot-sypsweeper blog is here. The blog entry points out that Koobface propogates itself by sending apparently malicious links.
Brian Krebs of the Washington Post has a (“Security Fix”) blog entry “Getting Friended by Koobface” here. The worm has allegedly created fake domains based on names of people, a potential “online reputation” problem touched on by John W. Dozier in the book that I just reviewed last week on my book reviews blog.
There had occurred a much more sinister domain name fraud potential problem documented on another of my blogs (the "id theft" blog) in Aug 2008, the great "Internet Scare", entry here.
I noticed that I could not log on to my Myspace account, which I use very little; but the blog is still there (one entry).
I note today that I to suspend temporarily automatic Vista updates because of the faulty KB973879 update, explained here on another blog.