Sunday, March 15, 2009

Koobface and more security

One or two of you know that I'm a bit of a security nut. With the Web becoming a bigger and more popular place before our very eyes, it's becoming more and more of a breeding ground for malware. Just to review, malware is the current catch-all word for bad stuff more specifically referred to as viruses, spyware, trojans, worms, keyloggers, and adware.

Unfortunately, our increasing use of social networking sites like myspace, twitter, and facebook has changed our attitudes toward what the Internet is really about. Let me get this straight. I love facebook. I love that it allows me to keep in touch with people hundreds of miles and several years away. I'm just saying that because of places like facebook, we've grown accustomed to freely clicking on things to find out what's going on in our social circle.

Enter Koobface. Koobface is a "worm" that infects your computer and your facebook account. It uses your account to send phony messages to people on your friends list. The message typically says something like "hey check out this crazy video taken of you last night!" or simply "you look awesome in this video." It links to a fake YouTube page, telling the unsuspecting user that in order to watch this video they have to update their Adobe Flash Player, on which Youtube runs. This is the downfall of the malware victim. He or she clicks to update Flash, and ends up downloading and running a piece of crap malware.

Koobface is not new, nor is it the first instance of malware or hackery on Facebook. But it certainly is dangerous. Once infected, it is recommended that one at the very least changes one's password. Remember, these fake messages are sent under the name of the person whose account is infected, without that person's knowledge.

If you receive such a message, delete it immediately and help your friend out by telling him or her what I just told you; they have been infected. You as a recipient are not infected if you simply receive the message. You'd actually have to go through the process of clicking the bad link and installing the fake Flash Player in order to be infected.

The virus affects Windows users only, though if you're running virtualization software like Parallels or VMWare or VirtualBox on your Mac the copy of Windows on the virtual machine can get infected. If you're on a Mac your facebook account itself can also be infected, if your account has been exposed to an infected Windows machine.

This leads to a general point about security. Antivirus (or more appropriately, antimalware) software, can only do so much. You are your own first line of defense in protecting yourself from online dangers. Use common sense. If you get an e-mail message that matches the description above, it's likely the same kind of deal. Don't click!

The thing that really gets people is the fact that these messages often come from people they know and like. You'd be more willing to click a link from a friend than from some random shmuck named Landey B. Shellward, right? Just remember that a message from a "friend" can still be suspicious and dangerous because it is SO easy to spoof a sender's name.

You may be curious about what others are saying and what people have seen of you that you don't want them seeing. But if you were home studying last night and someone claims to have a video of you at last night's wild party, don't be stupid. Don't be the cat that curiosity killed.

No comments: