Facebook, Myspace "Koobface" Virus

Yet, another virus (worm) has been making its way through the rabbit warrens of Facebook and Myspace. Although the "Koobface" worm was discovered back in August and Facebook has posted information on their site to warn their users, the worm continues to work its way into the accounts of the overly-trusting or careless members of these social networking sites. Facebook has now put up information on its site to guide its victimized members through virus removal procedures for the "Koob" virus. Since an ounce of prevention is worth a pound of cure, here's some information that should help your to protect your computer and the folks in your address book from falling victim to this latest hacker.

The "Koobface" virus (also called the "Koob" virus) uses an e-mail to lure the unsuspecting with a provocative message inviting them to view a video. When the user attempts to start the video, a message says the user must update their flash player in order to view the video. Therein, lies the problem. The worm is cloaked in a "flash_player.exe" file and that's when the "fun" begins. According to an article on the PC World website, the virus transforms the victimized user's machine into a zombie computer to build a botnet, the purpose of which is to proxie all HTTP traffic, hijacking the results of popular search engines and diverting them to lesser known search sites. The worm propagates itself through the victim's e-mail address book, sending the bogus message to the user's friends, family and business associates. The e-mail thus flies under the radar for most e-mail spam programs and suspicions of the recipient since it appears to be coming from an approved source.

The provocative subject line on these bogus e-mails frequently contains misspellings or grammatical errors. Some of the reported ones read:

"My friend catched you on hidden cam. Checkk it out."

"lool yoour blushing afce is so funny."

And, my personal favorite:

"Paris Hilton tosses dwarf on the street"

Misspellings seem to be more common as the months go by and more people are aware of the threat of the "Koobface" virus. The misspellings may be a new work around for keeping these e-mails from being diverted to spam folders.

The keys to protecting yourself and your computer are the same as they've always been.

1. Never open an e-mail attachment, even from a friend, that wasn't expected. Ask the people on your e-mail list to put the information into the body of the e-mail rather than send as an attachment.

2. Never open an executable file found in an e-mail - this is any file with an .exe extension on the file name, as in: flash_player.exe

3. Use common sense. If you receive an e-mail from a friend or relative that seems out of character, be suspicious. Why would your mother, for example, tell you to watch a video of Paris Hilton throwing a dwarf? And, why would your best friend suddenly forget how to spell the simplest words?

4. Be cautious about accepting friend requests from total strangers on social networking sites like Facebook and Myspace, especially when they spring up out of the blue without even having first commented on one of your postings or left a message on your wall.

As the old saying goes, an ounce of prevention is worth a pound of cure. The effort it takes to fix a compromised account is, at the least, frustrating and, at the worst, may even prove futile. And, nobody, but nobody wants to go through the embarrassing and time-consuming task of warning everyone in their address book that they may have just helped to infect their computer too.

The hacker's tactics for infecting your computer with worms, viruses, and malware are pretty standard and as old as the Internet itself. You may use anti-virus programs, phishing filters, firewalls, etc. to protect your computer, but the most effective protection of all is your own common sense. Trust your instincts. If anything seems the least bit odd, click out of it, delete it, or isolate it in a spam folder. I guarantee you, if it was a genuine message from your mother telling you to watch a video of Paris Hilton throwing a dwarf, she'll ask you if you received her message.