New Koobface variant hits Twitter users

By on

New and improved version causing problems.

Security experts are warning of a new variant of the Koobface worm which is again using Twitter to spread.

The malware sends individual tweets to users from infected computers promoting a web link. The link takes the user to a phoney Twitter page where they are encouraged to download a Flash update which contains the virus.

"This week everyone's been talking about how Twitter started to use the Google Safebrowsing API to block tweets containing malicious URLs," said Kaspersky Lab researcher Stefan Tanase.

"It is definitely going to stop some attacks but, as we're seeing with the current attack, it won't eradicate the problem completely. It's clearly a step forward, but a single swallow doesn't make a summer."

Tanase explained that the Koobface worm had been sent out from over 100 individual IP addresses in an attempt to widen the net of victims. Twitter has said that it will cancel any accounts that send infected tweets.

Koobface was first detected last year, and uses a long list of social networking sites to spread, including Facebook, MySpace, Bebo, Tagged and Netlog.

Data from Kaspersky shows that viruses that use social networking sites to spread are 10 times more effective, since there is a strong element of trust between users.

Some are speculating that the new variant's release is in some way connected to the closure of Twitter by a distributed denial-of-service attack, but there is no evidence of this at this time.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©

Most Read Articles

Log In

  |  Forgot your password?