Do you know everyone who is writing on your Facebook wall? Are you sure?
Reuters reported late last week that the "Destructive Koobface virus turns up on Facebook." This virus uses the social network's messaging system to infect PCs. Once infected, Koobface tries to gather sensitive information and phone "home."
Here's an excerpt from the article:
"Koobface spreads by sending notes to friends of someone whose PC has been infected. The messages, with subject headers like, 'You look just awesome in this new movie,' direct recipients to a website where they are asked to download what it claims is an update of Adobe Systems Inc's Flash player....
Facebook requires senders of messages within the network to be members and hides user data from people who do not have accounts, said Chris Boyd, a researcher with FaceTime Security Labs. Because of that, users tend to be far less suspicious of messages they receive in the network....
Privately held Facebook has told members to delete contaminated e-mails and has posted directions at http://www.facebook.com/security on how to clean infected computers."
It is no surprise that hackers are going where the information is available. In late 2008, that place is on social networks. My wife received this message on Facebook (on her home laptop) last week. She was fooled by the initial message, but not the download request.
Attacks are constantly being refined and updated, and users need to constantly be on guard. For government enterprises, I recommend taking steps to ensure that you don't have any infections. A Google search on this topic yields plenty of help.
Has anyone seen Koobface inside their government networks? Does this situation make you less likely to allow social networks like Facebook at work?
Leave a comment