DragonMaster Jay
Site Owner
Twitter...Facebook...Myspace...flooded with spamming and malware distribution. Malware writers appear to be exploiting and distributing malware through social networking now more than ever. With the fairly recent javascript exploit active, CVE-2010-0806, seems malware writers have managed to infect thousands, if not millions. There are several variants of the infection, that plead to avoid detection.
That would not be the main threat, however. The main threat is the Koobface worm, also known to antivirus companies as W32/Koobface.worm. Known to Cheetah-Anti-Rogue as Koobface.WormHole. This worm is being spread through spam in social networks. The malware writer creates a fake account, posts spam with a message that everyone on their friend's list can see. If the user clicks on the crafted link by the malware writer, it redirects to the infected site, where it immediately begins downloading malware to attempt to take control of the victim's computer.
From Tweets on Twitter, to status updates on Facebook, and to bulletins and status updates on MySpace...this worm is being spread nearly faster than any other worm in history. Its target? Profiles on the social networking sites. The worm searches through browser cookies and sees if the cookie for one of the three networks exist. And if they do, it automatically posts messages and links in the profile of the user. This is an attempt to continually spread itself.
What is being done to fight the threat? Warnings. That is all that can be done to get users to understand how important it is to NOT click on links that are posted in status updates/Tweets, unless you know for sure the site is safe and can be safely navigated.
Short links: preview them first. Instructions on how to do this are as follows: for TinyURL links, copy the TinyURL, and paste it in to the address bar, but first add the following on before the tinyurl.com: preview. so it looks like http://preview.tinyurl.com/random -- and it shall go to the TinyURL site and look where it is headed, so you know if the site is safe or not.
You can have this process for TinyURLs done automatically by going to this page: http://tinyurl.com/preview.php and clicking the link "Click here to enable previews." Once done, every TinyURL you click will go to a preview page instead of going to the site, so you can browse it with confidence.
To preview Bit.ly links, download this extension for Firefox: https://addons.mozilla.org/en-US/firefox/addon/10297/ , and all you have to do is hover over Bit.ly links, and it shall preview it for you.
Chrome add-on for Bit.ly: https://chrome.google.com/extensions/detail/iabeihobmhlgpkcgjiloemdbofjbdcic
Save your computer, and your social networking profiles from danger, and think smart about the links you click on.
That would not be the main threat, however. The main threat is the Koobface worm, also known to antivirus companies as W32/Koobface.worm. Known to Cheetah-Anti-Rogue as Koobface.WormHole. This worm is being spread through spam in social networks. The malware writer creates a fake account, posts spam with a message that everyone on their friend's list can see. If the user clicks on the crafted link by the malware writer, it redirects to the infected site, where it immediately begins downloading malware to attempt to take control of the victim's computer.
From Tweets on Twitter, to status updates on Facebook, and to bulletins and status updates on MySpace...this worm is being spread nearly faster than any other worm in history. Its target? Profiles on the social networking sites. The worm searches through browser cookies and sees if the cookie for one of the three networks exist. And if they do, it automatically posts messages and links in the profile of the user. This is an attempt to continually spread itself.
What is being done to fight the threat? Warnings. That is all that can be done to get users to understand how important it is to NOT click on links that are posted in status updates/Tweets, unless you know for sure the site is safe and can be safely navigated.
Short links: preview them first. Instructions on how to do this are as follows: for TinyURL links, copy the TinyURL, and paste it in to the address bar, but first add the following on before the tinyurl.com: preview. so it looks like http://preview.tinyurl.com/random -- and it shall go to the TinyURL site and look where it is headed, so you know if the site is safe or not.
You can have this process for TinyURLs done automatically by going to this page: http://tinyurl.com/preview.php and clicking the link "Click here to enable previews." Once done, every TinyURL you click will go to a preview page instead of going to the site, so you can browse it with confidence.
To preview Bit.ly links, download this extension for Firefox: https://addons.mozilla.org/en-US/firefox/addon/10297/ , and all you have to do is hover over Bit.ly links, and it shall preview it for you.
Chrome add-on for Bit.ly: https://chrome.google.com/extensions/detail/iabeihobmhlgpkcgjiloemdbofjbdcic
Save your computer, and your social networking profiles from danger, and think smart about the links you click on.
..........................................................
DragonMaster Jay
Owner/Administrator/Operator Cheetah-Fast Services
Advanced Malware Analysts Group Owner
Kaspersky Anti-Virus 2012: Click Here
Sun Feb 05, 2012 3:10 pm by 
