Koobface computer virus gang unmasked

Jan 17, 2012
Online security researchers claimed to have identified the members of a Russian gang of cyber criminals behind the Koobface computer virus which has attacked Facebook and other sites. Facebook said that its security team had helped knock out a computer server which controlled a Koobface "botnet" of malware-infected personal computers.

Online security researchers claimed Tuesday to have identified the members of a Russian gang of cyber criminals behind the Koobface computer virus which has attacked Facebook and other sites.

Facebook said meanwhile that its security team had helped knock out a which controlled a Koobface "" of malware-infected personal computers.

According to Jan Droemer, an independent computer security researcher, and Dirk Kollberg of security firm SophosLabs, the five members of the Koobface gang live in St. Petersburg, Russia.

In a blog post, Sophos said evidence and the identities of the five Koobface suspects has been handed over to law enforcement.

The Koobface virus first emerged in 2008, spreading in the form of messages with subject lines such as "You look just awesome in this new movie."

Users who clicked on the message were informed their Flash player was out of date and were prompted to download , exposing their computer to Koobface malware.

Koobface tricked some owners of infected personal computers into buying anti-virus software and enlisted their machines into a botnet made up of hundreds of thousands of infected computers.

"Koobface was able to perform these actions by communicating with a central 'Command & Control' server, which directed the compromised computers to do the gang's bidding," Facebook said.

"This remained the case until last March, when Facebook Security was able to perform a technical takedown of this 'Command & Control' Mothership," it said.

"Since then we have had no new sightings of Koobface for over nine months and our teams are working hard to keep it that way," Facebook said.

"While we have been able to keep Koobface off Facebook, we won't declare victory against the virus until its authors are brought to justice," it said.

"To this end, we will be sharing our intelligence with the rest of the online security community in the coming weeks in an effort to rid the Web of this virus forever," Facebook said.

Explore further: Belarus tightens control over online media

add to favorites email to friend print save as pdf

Related Stories

Facebook teams with McAfee to tighten security

Jan 13, 2010

Facebook has announced an alliance with Internet security specialty firm McAfee to get user of the world's leading online social network to better protect their computers.

Spam down but 'zombie' armies growing: McAfee

May 07, 2009

Hackers appear to be beefing up armies of "zombie" computers to recover from a major hit scored in the battle against spam email, according to software security firm McAfee.

Cyber-crooks targeting social-networking websites

Mar 03, 2009

Computer security specialists warn that Facebook users have been hit with a series of data-stealing attacks in the past week as cyber crooks increasingly stalk social-networking websites.

Recommended for you

Spain: Google News vanishes amid 'Google Tax' spat

Dec 16, 2014

Google on Tuesday followed through with a pledge to shut down Google News in Spain in reaction to a Spanish law requiring news publishers to receive payment for content even if they are willing to give it away.

Brazil: Google fined in Petrobras probe

Dec 15, 2014

A Brazilian court says it has fined Google around $200,000 for refusing to intercept emails needed in a corruption investigation at state-run oil company Petrobras.

Microsoft builds support over Ireland email case

Dec 15, 2014

Microsoft said Monday it had secured broad support from a coalition of influential technology and media firms as it seeks to challenge a US ruling ordering it to hand over emails stored on a server in Ireland.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.