Koobface Trojan is back, and now it comes with a few surprises for some friends: Infecting Mac OS X and Linux OS. Intego, the Mac Security Blog, informed that this virus is spreading through social networks and does affect Mac computers as well as Linux.
Koobface appears in social networks like Facebook, Twitter and MySpace and now they will not infect only Windows computers. One of the common messages we should receive indicating the presence of Koobface: “Is this you in this video?” once we click on the link it will try to run an applet from Java which will install a malware in the OS.
As for Windows, Koobface will run a local web server and an IRC Server, acting as a Botnet and as a DNS changer; and of course will try to reproduce to other computers.
Intego assures that the Intego VirusBarrier X6 and X5 detect and eradicate this malware, but we must avoid running any unknown Java applet in our computer, and if so, we should detect an installation is running and quickly cancel it.
Spam levels have increased in the last few months, since March more precisely, in a 141% said McAfee Threat Report from Second Quarter in 2009. The main reason resides in another increase: botnets (infected computers used for spamming and other attacks) up to 16%. Need an explicit number? That translates in 117 billion spam emails every day.
The number that is quite disturbing as well, is the botnets that are currently infected: 14 million computers. 150k every day, that represent 20% of all the computers that are acquired every day. And these botnets and zombies they are not only responsible for most of the spam, also they generated other attacks like denial-of-service to the White House, New York Stock Exchange and South Korean government web sites.
About South Korea, that’s the country that increased the most in the botnet activity, up to 45%; but yes, the US keeps in the top of that list with over 15% of the entire zombie population.
These spam numbers do not come alone, malware attacks have increased, specially the ones that infect the Windows auto-run that do not require any user intervention to “spread the evil”. That type of malware even outnumbered the Koobface or the Conflicker attacks.
This is a battle that will never end I think, I’m sure that those that depend on this kind of battles will not let it end.
What do you think?
Koobface malware found his way to infect thousands of Twitter users in the last days, increasing of course the number of Twitter updates giving messages like “My home video 
[url]“. The URL mentioned is listed randomly, all directing the traffic to a Koobface site.
Twitter’s reaction was fast and already suspended most of the users infected to avoid the virus from spreading. TrendMicro blogged about this and is already giving their users the solutions if they were infected.
This is apparently the second attack given by Koobface in Twitter, the first one used only three different TinyURLs with infected users; this malware mutation gave the infection a longer life than the previous one, that also appeared on Facebook, MySpace, Bebo, Hi5, Friendster and LiveJournal.
There’s no question about it, when you are that big, you will always have attackers and damage control will be needed.
