Too Comfortable?

Malware authors preying on those with their guard down
March 2009
by Robin Wark

Malware writers are constantly changing with the times. Lately they have been focusing their efforts at exploiting social media sites, and in the last few months there have been a number of malware outbreaks related to Facebook and YouTube.


While these sites themselves might be "safe," security industry experts warn to be cautious of posted links that take you to other, more dangerous, sites. Experts say the cybercriminals are playing on users' high comfort level with and the community feel of the social networking sites.

Some of the latest threats to hit social media sites include:

  • Koobface.AZ. This rogue application secretly steals user information or tries to trick users into revealing it to them. This info is then sent or sold to a third-party website. In one instance, people received messages saying they had violated Facebook's terms and conditions. If you clicked on the notice, you were taken to the application "f a c e b o o k --- closing down!!!" This then caused the same message to be sent to all of your friends. In a similar case, Facebook users received notifications from a user's friend saying that there were "errors" when they tried to view a profile. If you clicked "View the Error Messages," you could actually end up opening another rogue application.
  • VideoPlay spreading through posts on YouTube and Digg. These increased 400 per cent from January to February. The posts claim that if you click on them you will be able to see Dark Knight actor Christian Bale freaking out or unclothed video of Jessica Simpson or Megan Fox. Instead, users got a page where they were asked to download a codec to view the video. A codec is a program that codes and decodes digital data streams. However, in this case the user did not download a codec, but rather VideoPlay. This adware is a worm that tries to swipe email logins and other information and spread itself via removable drives.
  • The same people who are thought to be behind the Digg campaign were also believed to have a hand in exploiting fellow social networking site LinkedIn during January. It seems these criminals are working their way through the popular social media sites.

While these social networking site threats are relatively new, security experts suggest that you follow the same common sense guidelines as those used when accessing email or web browsing:

  • Don't click on messages form people you don't know
  • If it doesn't feel right, it probably isn't
  • Provide your private information to very few sites

These old but true guidelines will help you stay safe in this new age of warfare against malware.

Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries.