Koobface gang turns off command servers, as Russian police explain lack of action

The publication of a detailed investigation into alleged members of the Koobface malware gang appears to have had an instant impact.

The C&C (command and control) servers at the heart of Koobface have stopped responding, and the individuals uncovered by the report have been busy deleting their profiles on social networks, where they had left digital clues as to their identities.

Although social networking accounts have been wiped, security researchers and law enforcement agencies have archives of the vast amount of material already published by Koobface gang members, including photographs, movies, and locations as they checked into sites such as FourSquare.

That data can be used in a variety of ways. For instance, FourSquare logins can be displayed on Google Earth, allowing researchers to replay how individuals have moved from place to place at certain times.

Ryan McGeehan, a member of Facebook’s security team, was…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.