Malware City/Blog/

Jul
14
Filed Under:
ALERTS

Twitter Koobface spreads unhindered

14 July 2009
Blocked hosts replaced with brand new Web pages holding the same worm

It seems that Twitter's initial attempt to block accounts and remove the malicious payload from its hosts in the cloud failed lamentably.

The worm that infects systems via spam tweets simply changed its base. The tinny URLs displayed in the automatically generated feeds are now directing to other Web pages, allegedly displaying the same "My home video :)", which is none other than the same variant of Koobface.

 

Facebook and Twitter Malware

 

Otherwise said, "E.T. call different homes", turning the entire thing into some sort of tweetsted "hide and seek" security game, as you can see below.

Twitter malware

koobface

The nasty part is that unless you don't have a security solution up and running to block Koobface in the first place, chances are for you to end up with a compromised system and a suspended Twitter account.





By Razvan Livintz
Balancing the keen and until late in night reading, with Internet "addiction", the genuine zeal for my bright and fervid students with the craze for the latest discoveries in science and technology, I also enjoy taking not very usual ...

Related

13-07-2009 | Facebook Malware Now Attacking Twitter Accounts

13-07-2009 | Bank of America sends electronic Customer Forms?

01-07-2009 | Michael Jacksons' unknown killer

26-06-2009 | In the summer time, when the spamming is hot…

Comments:

Eric "SecRunner" said on Jul-14-2009 09:37

That's pretty nasty. What's worse is VirusTotal is only showing 13 of the 30 engines detecting it.

Comment on this

Name:

Email:

Website:

Your email adress will not be published.