Facebook have turned to Microsoft, specifically the Microsoft Malware Protection Center (MMPC), to help fight the Koobface virus which first started plaguing the social networking site last summer.
Koobface spreads itself via email, using enticing email links designed to trick the reader into clicking links that install the virus (read more about Koobface)
Malware
Not only does Koobface lead to stolen Facebook accounts but it also installs malware onto the target computer and it is becoming an ever-increasing menace.
For this reason the Facebook security team implemented some measures to slow the spread of Koobface -
- Deletion of content generated by the worm
- Blocking of Wall posts which contain links to known phishing sites
- Use of automated systems in order to detect abuse on the site quicker than before
- Posting of updates on the Facebook Security Page
However, these measures have proven to be unsuccessful in eradicating Koobface once and for all.
This is because the virus is not isolated within Facebook – it infects computer and operating systems allowing it to exist outside of the social networking site – thereby meaning it can launch fresh attacks whenever the target machine logs into Facebook again, or even when it simply connects to the internet.
This fact led Facebook to Microsoft who’s Windows operating system is by far the most used by their visitors.
Patched!
The collaboration between Facebook and MMPC led to Microsoft adding security patches to fix machines that has been infected by the Koobface virus.
These patches are available through Windows Update.
The patch has proven to be highly effective so far, having removed Koobface over 200,000 times in just a fortnight.
It is hoped that, by working together, Facebook and Microsoft can stop the virus from spreading any further both within Facebook and elsewhere.
One potential stumbling block, however, is that Koobface is a polymorphic virus, meaning that it evolves and creates new variations of itself in order to evade detection and removal by anti-virus products.
So far, over 20,000 different variations of Koobface have been noted.
{ 2 trackbacks }
{ 4 comments… read them below or add one }
@Malcolm
My research documents reports of the Koobface worm infecting (or attempting to infect) workplace-related computers by way of Facebook. Employers/organizations thus have security as a reason to block social network sites like Facebook. –Ben
Do you reckon Koobface is as big a concern as Conficker may yet prove to be?
I think Koobface is a bigger concern right now because Confiker isn’t posing any immediate threat. I have a feeling that may change in the near future though.
Hi Ben, thanks for commenting.
I just left a comment on your site which says that educating users is the best solution.
I also believe that organisations may be wise to block acess to social sites in order to make their own networks secure, as well as raising productivity, though they would do well to maintain an official presence for their marketing efforts.