The hackers behind the infamous Koobface worm have launched a new campaign that seeks to trick users by employing a Christmas theme.
Koobface was first detected around a year ago, spreading primarily through social networking sites such as Facebook and MySpace, and stealing user credentials and other sensitive information such as credit card details.
Users are generally more trusting of messages coming from their friends or contacts on these sites, so Koobface's strategy - compromising accounts then sending out messages containing malicious links to their "friends" - was highly successful.
Now, new alerts from security vendors Websense and Symantec are warning users that the new message "I caan't ffall asleepp affter viewwing thiss videeo. I haven'tt seenn aanything liike this" is Koobface.
The accompanying link will take users to a fake Facebook page or a fake YouTube video page where they will be encourage to install and run a setup.exe file presented as free antivirus to protect the user from Koobface, or a Flash upgrade to watch a video posted by Santa.
http://www.v3.co.uk/v3/news/2254247/koobface-gears-christmas