Our friends at Kaspersky reported at the end of last week the discovery of the so-called Koobface malware, which accesses infected users’ Facebook and MySpace accounts.
A few people have been in touch asking if Sophos detects the malware. Well, I’m pleased to report that we detect the various malware elements proactively as Mal/Heuri-E, Mal/Heuri-D, Mal/Emogen-N and Mal/Packer.
The malware is written in Visual C++ version 6.0, and has been packed in an attempt to make analysis and detection more difficult for security researchers. The malware works by directing your ‘friends’ on the social-networking websites to click on a link to another site purporting to contain a video clip. If they are tricked into downloading an executable to ‘watch’ the video at the third-party website, a message is displayed:
“Error installing Codec. Please Contact Support”
…
Read more in my article on the Naked Security website.