Tuesday, August 10, 2010

Facebook Hacked !!

Social Networking websites have changed the way we interact in our personal lives and are in the process of transforming our professional lives. Increasingly, they play a significant role in how business gets done. But they're also high risk. With hundreds of millions of users, these tools have attracted attackers more than any other target in recent years.


According to Anti hacking Anticipation Society® the top social network threat that an enterprises or an individual must consider is "KOOBFACE" . Koobface an anagram of Facebook, has become, "the largest Web 2.0 botnet."which challenges the definition of "worm," it is specifically designed to propagate across social networks like Facebook, mySpace, Twitter, hi5, Friendster and Bebo.

Koobface is a computer worm that targets the Microsoft Windows users of the social networking websites. Koobface ultimately attempts, upon successful infection, to gather sensitive information from the victims such as credit card numbers. It was first detected in December 2008 and a more potent version appeared in March 2009.



Koobface spreads by delivering Facebook messages to people who are 'friends' of a Facebook user whose computer has already been infected. Upon receipt, the message directs the recipients to a third-party website, where they are prompted to download what is purported to be an update of the Adobe Flash player. If they download and execute the file, Koobface is able to infect their system. It can then commandeer the computer's search engine use and direct it to contaminated websites. There can also be links to the third-party website on the Facebook wall of the friend the message came from sometimes having comments like LOL or YOUTUBE. If the link is opened the trojan virus will infect the computer and the PC will become a Host Computer. Among the components downloaded by Koobface are a Special program that blocks access to well known security websites and a proxy tool that enables the attackers to abuse the infected PC.

The Windows operating system is currently the only operating system affected by these worms. Koobface is also known as W32/Koobface, W32/Koobface.AZ, W32.Koobface and Boface. Koobface gets on a machine and checks if there are cookies of social networking websites. If found, the worm infects victim’s profile. If no cookie found, it simply erases itself from the computer. Koobface also loads pop-ups that look like MS Windows error messages. The pop-up contains the following text: “Error installing Codec. Please contact support.” The Koobface worm targets Twitter users by spreading through links looking like Youtube Video Urls. When users click on that url, Koobface activates. Whenever this person logs on Twitter again, Koobface automatically comes out from its link and starts scrabling.



Some Tips to deal with KoobFace From Anti Hacking Anticipation Society®.

To manually remove Koobface from your PC, first kill processes fbtre6.exe, mstre6.exe and ld08.exe

Then, delete the registry values:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\”systray” = “c:\windows\mstre6.exe”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\”systray” = “C:\Windows\fbtre6.exe”

HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating



Now delete the files fbtre6.exe, fmark2.dat and ld08.exe from your hard disk. Also Install Anti Viruses, and also update the signnature databases daily to protect you and your computer.

No comments:

Post a Comment