MySpace and Facebook targeted by worm
New worm that looks like video link from friend targeting MySpace and Facebook users
Security company Kaspersky Lab is warning of a new worm that targets MySpace and Facebook users.
The worm variants are spread through the popular social networking sites, turning infected machines into zombies - PCs illicitly controlled by hackers to carry out tasks like denial of service attacks.
The Net-Worm.Win32.Koobface.a is activated when a user accesses their MySpace account, and is spread when it automatically comments on linked friend's sites. Facebook is targeted by Net-Worm.Win32.Koobface.b, which sends messages to the infected user's contacts through the Facebook site.
Both worms then direct would-be victims to a bogus Youtube link, where they will then receive a message telling them that they need to install the latest version of Flash Player. Instead of downloading the latest version of Flash Player however, the link then installs the worm, which installs the Facebook version of the worm if the user visited the site from MySpace, and vice versa, to increase the infection rates from the worm.
Alexander Gostev, senior virus analyst at Kaspersky Lab commented: "Unfortunately, users are very trusting of messages left by ‘friends' on social networking sites. So the likelihood of a user clicking on a link like this is very high. At the beginning of 2008 we predicted that we'd see an increase in cybercriminals exploiting MySpace, Facebook and similar sites, and we're now seeing evidence of this. I'm sure that this is simply the first step, and that virus writers will continue to target these resources with increased intensity."