Monday, January 3, 2011

Reality of Facebook Warning Message of "Trojan Worm" Called Knob Face - - A Hoax Based on Real Threat Known as 'Koobface'

Beware! Its a Cyber World - - Summary:

A warning message spreading via Facebook about a "Trojan worm" called Knob Face and advisers recipients to avoid adding a user called "Smartgirl 15". It also warns users to watch out for links labelled "Barack Obama Clinton scandal".
In fact, this warning is inaccurate and highly misleading. The warning is apparently derived from concerns about a genuine security threat known as Koobface. However, because this message contains so much false and misleading information, it is in no way a valid warning about Koobface. Sending on the message will do nothing more than confuse users and diffuse the usefulness of genuine warnings about Koobface. If you receive this message, please do not repost it to others. 

ATTENTION!!!!!!-Virus spreading like wildfire on Facebook!!

It is a Trojan worm called "Knob Face". It will steal your info, invade your system and shut it down! DO NOT open the link "Barack Obama Clinton scandal". If "Smartgirl 15" adds you, don't accept it; it is a virus. If somebody on your list adds her then you will get the virus, too!! Copy and paste to your wall please!!
Beware! Its a Cyber World - - Explanation:

This warning message is circulating rapidly around social networking website, Facebook. According to the message, a "Trojan worm" by the name of "Knob Face" is "spreading like wildfire" on Facebook. The message warns Facebook users not to open links about a supposed "Barack Obama Clinton scandal". It also warns users not to add a user named "Smartgirl 15" to their contact list. Supposedly, "Smartgirl 15" is actually a virus and adding "it" to your contact list will infect your computer along with the computers of all your contacts.

However, this warning contains false information and is highly misleading. The warning is apparently a mutated and invalid derivative of warnings concerning a genuine computer security threat known as "Koobface", an anagram of "Facebook". Some earlier versions of the warning do refer to "Koobface" rather than "Knob Face". However, even those versions that correctly name the threat get the rest of the information so fundamentally wrong that the warning is virtually useless as a means of informing users about the real Koobface worm.

There are no credible reports that suggest that Koobface is currently being distributed via links pertaining to a supposed scandal involving Barack Obama and Hilary Clinton. However, it should be noted that a rogue Facebook application titled Barack Obama EXPOSED was at one point luring unsuspecting users via links that supposedly displayed a video about the "Barack Obama-Hillary Clinton Scandal". Clicking the "video" link installed the application, which then spread itself by automatically posting links on Facebook that appeared to have been sent by the person who installed the application. However, while the advice in the message not to open links pertaining to a "Barack Obama Clinton scandal" is worth heeding, this small element of truth does not validate the warning message as a whole. Clicking the "scandal" link installed a rogue application that spammed other Facebook users and may have directed users to malicious websites. However, the link did not install a "trojan worm" called Knob Face (or Koobface) nor did it invade your system, steal information and shut down your computer.

In reality, the Koobface worm users a variety of tactics to fool social networkers into downloading malware, not just links pertaining to one particular subject such as a political scandal. Some strains of this worm, which target users of Facebook, MySpace, Bebo, and other social networking websites, send out messages that invite recipients to click a link to view a video. Those who clicked the link may be taken to a bogus website that claims that they must update a plugin or other component in their browser before they can view the video. However, the supposed update actually installs a worm that can login to the user's social networking accounts via information stored in cookies and automatically send more bogus invitations to the user's friends. Koobface is an ongoing threat that is likely to continue evolving and targeting Facebook users and other social networkers for some time to come.

Moreover, the information about a supposed virus disguised as a user with the name "Smartgirl 15" has no basis in fact whatsoever. The "Smartgirl 15" warning is just one more in a long line of absurd hoaxes that claim that you can allow a hacker or a virus on to your computer just by adding a specified name to your contact list. From time to time some prankster simply adds a new username or email address to the hoax and sends it on. As the following older version reveals, these silly hoaxes use very similar phrasing and make the same bogus claims:
if somebody called Cobie_mutch_60 adds u to dont accept it. Its a virus. Tell everyone on u r msn coz if somebody on r list adds them u get the virus too. copy and paste it to everyone AND fast
The supposed threats described in these hoaxes are technically impossible. The messages suggest that just accepting a person as a "friend" on your contact list will give the virus access to your computer along with the computers of everyone else on your list as well. This is total nonsense. The messages imply that the username itself is a virus. This is not possible. To be infected, some sort of file transfer needs to take place. If an account was configured to automatically accept files from a contact list, then it is possible that a virus could be sent by this new and sinister "contact". But even if the virus was sent in this way, the recipient would still have to explicitly open the file before a computer was infected.

Another misleading claim in the "Knob Face" warning is that the "virus" will shut down the infected computer. However, disabling the compromised computer is certainly not the goal of the criminals who distribute the real Koobface. Their goal is to use the infected computer to spread the worm to other users, create ongoing connections with other compromised computers, download other malware components and display advertisements on the compromised computers via hijacked search queries. Thus, these criminals are not about to shut down infected computers and thereby make them inaccessible.

Thus, spreading this garbled and inaccurate "warning" will serve only to spread misinformation and confusion among social network users. Certainly Koobface is real, along with many other security threats that target Facebookers. However, the inaccuracies and falsehoods contained in this "Knob Face" message mean that it has no merit or validity as a warning whatsoever and should not be reposted.

No comments:

Related Posts Plugin for WordPress, Blogger...