Microsoft and Facebook join forces to battle Koobface

Jeff Williams, a principal group program manager for the Microsoft Malware Protection Center (MMPC), has posted a blog on Facebook, claiming that he had been working with the social networking site to fend off the virus that had been affecting users of both the Windows operating system and the website.

The Koobface virus first surfaced in May 2008, and spreads by delivering fraudulent messages from people whose computers have been infected. Williams claimed that while the Facebook security team was able to detect the virus quickly and reset people's accounts, some computers remained infected and continued to spread Facebook messages with seemingly harmless subject headers such as ‘Check out this video' or ‘LOL'.

Williams said: “Without the most up-to-date anti-virus software, if you clicked on the links within the messages, your Facebook password and account information could be stolen. Then, your account could be used to help the virus spread by sending even more fraudulent messages to your friends.”

He further claimed that by working with Facebook, Microsoft was able to add detection of Koobface to its Malicious Software Removal Tool (MSRT), which checks computers running Windows software to detect and remove viruses.

Since the latest version of MSRT was released two weeks ago, Williams claimed that Koobface has been removed nearly 200,000 times from over 133,677 computers in more than 140 different locales around the world.

Williams said: “Our work doesn't stop here. Koobface is constantly changing to avoid detection, or as we call it ‘highly polymorphic', with over 20,000 variations to date. Sometimes we remove the virus from the same computer more than once. We're also working to detect new variants of the Koobface virus as they're discovered, so we can provide ongoing protection from this threat.”


See original article on scmagazineuk.com