The Koobface social networking Trojan has plagued Internet Explorer users for over a year now.
Back in December, the worm manifested as Facebook spam messages with video links. Once clicked, viewers were prompted to download Trojan malware disguised as a Flash Player upgrade. Anyone who followed the on-screen prompts installed Koobface’s proxy server on his or her computer and became a conduit for ad jacking and clickfraud schemes.
Today, Koobface carries out basically the same scheme in a similar way, but reports about the latest variant of the Trojan reveal that Firefox users are now susceptible to the hack.
Firefox was “protected” from earlier versions of Koobface because the browser stores cookies in different locations and formats than Internet Explorer. The new variation employs a tool capable of transforming credentials saved in Firefox’s proprietary format into a style compatible with IE which lets the rest of Koobface’s payloads work as usual.
