The Koobface social networking Trojan has plagued Internet Explorer users for over a year now.
Back in December, the worm manifested as Facebook spam messages with video links. Once clicked, viewers were prompted to download Trojan malware disguised as a Flash Player upgrade. Anyone who followed the on-screen prompts installed Koobface’s proxy server on his or her computer and became a conduit for ad jacking and clickfraud schemes.
Today, Koobface carries out basically the same scheme in a similar way, but reports about the latest variant of the Trojan reveal that Firefox users are now susceptible to the hack.
Firefox was “protected” from earlier versions of Koobface because the browser stores cookies in different locations and formats than Internet Explorer. The new variation employs a tool capable of transforming credentials saved in Firefox’s proprietary format into a style compatible with IE which lets the rest of Koobface’s payloads work as usual.
Web 2.0 providers are getting wiser and faster to react and harden internal policies, but Koobface’s developers are keeping pace. The worm has slithered its way past Facebook and is now making appearances on additional social networking sites like MySpace, Hi5, Friendster, Tagged, and Netlog.
Social networkers, beware!
This entry was posted on Tuesday, September 22nd, 2009 at 8:00 am and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
