Koobface - Facebook Virus

Koobface is a computer worm which is transmitted with a help of Social networking websites such as Facebook.com or Myspace.com. The passing of a virus from one computer to another is carried out via malicious links included in messages, delivered from one user to another, which have been confirmed as friends on the social networking website. The user's computer from which the message has been sent is already infected with Koobface virus. The user itself has nothing to do with it, because all such messages are generated and sent by the virus.

The messages consist of a link pointing to malicious webpage and some text that describes target content. It usually a video link with a text like "i ofund a viideo iwth you in my cammera", "I think I am TOTALLY going to try this out to make some bonus Xmas cash GALEWHER . C0M" or "Paris Hilton Tosses Dwarf On The Street?". After clicking on such link, user will be taken to compromised webpage, which will ask to update Adobe Flash player in order to watch video content. But the victim will be infected with Koobface virus instead of updating video player.

Koobface virus modifies the DNS server in order to ban access to security websites, thus preventing to eliminate the virus. Koobface is bundled with Rogue antivirus installer, which is intended to install fake anti-virus/anti-spyware program on victims machine.