Security

Koobface worm infects Twitter

July 15, 2009, 05:59 AM — 

Symantec reports this morning that the Koobface worm that first hit Facebook continues winding its way through Twitter.

The Koobface worm, with a name formed by jumbling the letters in the word "Facebook," has emerged as a new variant that hijacks Twitter accounts and sends out tweets containing the following phrases: “My home video :);” “Watch my new private video! LOL :);” and “michaeljackson’ testament on youtube.”

The worm uses the high-jacked Twitter accounts to spread malware. The TinyURLs that the tweets include direct readers to the AdultFriendFinder Web site, or to a bogus video Web site that attempts to convince users to download and run a file contaminated with malware.

The enterprising worm also sends links to an infected user’s followers, leading Symantec to warn against clicking on any links received in a tweet, even if they come from friends.

Symantec says this variant is known as W32.Koobface.A, and says that Twitter has suspended the infected accounts.

Follow Cara on Twitter here

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

I like it!
Post a comment
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
peer-to-peer

Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers

Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal

Tom Henderson
Top Ten General Operating Systems Rants

pasmith
PS3 motion controller delayed; goes up against Project Natal

sjvn
Neolithic Windows security hole alive and well in Windows 7

claird
Perl source code comparison makes for good reading

mikelgan
Cell phones don't create stress or interrupt much

Sandra Henry-Stocker
How to: The Unix Interview

 

Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann

Join the conversation here

The Daily Tip

The Daily TipQuick, practical advice for IT pros. Made fresh daily.

Hot tips:

Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.

Newsletters

Subscribe to ITWORLD TODAY and receive the latest IT news and analysis.

I would like to receive offers via email from ITworld partners.
By clicking submit you agree to the terms and conditions outlined in ITworld's privacy policy.
Marketplace