Similar Searches

Related News

Latest News

CIA website brought down – were Anonymous attackers responsible?

Dutch ISP KPN hacked, credentials and personal information leaked

Valentine’s Day Cyber Scams that Will Play with Your Heart

Strong Authentication by Itself is Not Enough to Prevent Man-in-the-Browser Attacks

How Criminals Capitalize On Our Digital Lives

Malicious Web Site / Malicious Code: Koobface Now Using Christmas Theme

Websense Security Labs™ ThreatSeeker™ Network has discovered that the Koobface malware campaign is now using a Christmas theme. Recent developments by Koobface have included use of Google Reader.
The Koobface Web site offers a video posted by 'SantA'. The usual ruse of requiring a codec to watch the video is used, to encourage the user to install and run a file called setup.exe (SHA1:a2046fc88ab82abec89e150b915ab4b332af924a). This file is currently detected by 16 out of 41 antivirus products according to VirusTotal.
On the compromised Facebook page the user is presented with a link to chcher.ch which is a compromised site in Switzerland. The user is redirected to one of several Koobface Web sites through a malicious Flash movie file hosted on the compromised site. If the user runs the infected file, the worm will automatically login to their Facebook, Myspace, and several other social networking sites and send messages to all their friends.
Screenshot of the malicious wall posts:

Screenshot of the Koobface Web site:

Websense® Messaging and Websense Web Security customers are protected against this attack.

Source: Latest Alerts From Websense Security Labs

Write a Comment

Copyright © 2012 The Security Blog. All rights reserved.