Koobface worm is dangerous infection spreading through profiles on various social networks. Some security tools detect it as Boface or W32/Koobface or W32.Koobface. It is usually distributed on Facebook and MySpace websites. We first found out about Koobface in the late autumn of 2008 and wrote quite a brief article about it. Now, with the more information circulating, we are renewing this information.
Koobface is an almost antique computer worm which can infect mostly all of the preferred operating systems. Its founders are crooks from Russia and they first introduced this infection into the society in 2008. Back then there was not a lot of information about this specific virus. Now, time hads passed and in 2016 you can find all of the necessary information, regarding the main aspects of this Koobface worm.
The very first attempt to distribute Koobface worm was via Facebook which was not that big of a hit as it is today. As you might guess, a lot of people suffered from this disease as they were not appropriately informed about the dangers that might arise. We might also describe this secretive installation of other programs as some sort of Koobface’s attempt to never be lonely in a device. It surely does not want to be the only malware, affecting your device.
Its main chosen route for traveling is social networking sites, instant messaging apps or email accounts. The primary goal is to infiltrate into the system and get access to the users’ confidential information. Banking account material, passwords, logins and similar data is the bright diamond for the crooks that constructed this devious worm. Koobface can also be responsible for additional infection since it can secretively install malicious executables and have them mess up your device even more.
During those years of being active, Koobface was finally completely unravelled and no longer stands as a mystery. However, before that, security researchers dealt with clones or closely-related infections that were crafted to attack one social media networking site at the time. Finally, in winter of 2012, society finally found the people to place the blame for this aggravating infection. As we have already mentioned, Russia was the country from which the worm started to be distributed. To narrow the scope, we will identify that the base of these crooks was in St. Petersburg city. 5 men were found guilty for Koobface.
Koobface only activates its malicious payload if it finds social networks cookies on board a computer. It if can’t find traces of MySpace or Facebook or other network, Koobface simply deletes itself. If it finds the cookies, it loads “Error installing Codec. Please contact support.” pop-up which looks exactly like Windows error pop-up. Koobface distracts people from the real problem this way.
Koobface worm puts links on user’s social network profile that links to websites infected with the same worm. Koobface is presented as video codec on those websites, so anyone clicking the links on infected profile risks being infected too.
As for the distribution: we do no think that you can get infected with the original version of this worm. However, there is always a possibility to catch this virus or a look-alike accidentally.
Automatic Malware removal tools