Users whose computers are infected may have their credit card numbers stolen or their searches on Google, Yahoo and MSN diverted to fraudulent Web sites.
The malicious code underscores how hackers are increasingly targeting social networking sites including Facebook and MySpace to capitalize on their big audiences. Because social networking sites allow messages only between fellow members who are confirmed friends, many users assume they are safe.
Koobface is spread through messages sent from friends whose computers are infected with the virus. The messages arrive in Facebook inboxes with titles like "you look just awesome in this new movie" and direct readers to another Web site to supposedly watch the clip.
After clicking to visit the site, users are shown a message that tells them they need an updated Adobe Systems Flash player. But downloading the software infects the victim's computer with the virus.
"Only a very small percentage of Facebook users have been affected, and we're working quickly to update our security systems to minimize any further impact," said Barry Schnitt, a spokesman for Facebook, in Palo Alto.
The current attack on Facebook's users is a variant on a worm that first struck in August and is now making another pass. MySpace users suffered a similar assault over the summer, but they haven't been targeted again since new security measures were put in place.
Dave Marcus, a security researcher and communications director for software security company McAfee, in Santa Clara, said the worm affecting Facebook users poses a threat similar to other malware attacks over the years. He said that there have been cases of Facebook users having their identities stolen and that others have had their searches hijacked to search engines that they never intended to visit, so that its operators can collect on the advertising.
Who is behind the attack or where they are located is unclear, Marcus said. Victims are located across the globe.
Facebook has warned users not to open suspicious messages and to verify that a friend intentionally sent a link before clicking on it. Users whose accounts are compromised should change their passwords and scan their computers with updated antivirus software.
Separately, Facebook has delayed a plan to allow employees to sell some of the stock options they have in the privately held company because of the bad economy. Many technology insiders have speculated that the shares would no longer get the price they would have last year, when the company's value was pegged at $15 billion when Microsoft bought a 1.6 percent stake.
No comments:
Post a Comment