It is nothing new that crackers take advantage of the main festive seasons to trick less cautious users. PandaLabs, from Panda Security, has issued an alert for a new variant of Koobface.GK that uses a video of Happy Holidays votes as a decoy and is being broadcast via Facebook.
The growing popularity of the social network increasingly justifies its use for these attacks. Koobface, whose name is an anagram of Facebook, was designed to attack social networks, with variants for MySpace, hi5, Bebo, Friendster and Twitter.
In this case the links to worm are being broadcast through the Facebook Wall, a wall where users post their messages, pointing to a supposed YouTube video with Happy Holidays wishes, but whose page is fake.
Viewing the video or the click on one link that page, leads to the transfer of worm and its installation, with an image being presented for confirmation with the CAPTCHA system. If the confirmation word is not entered correctly, the system threatens to restart the computer in three minutes.
According to Panda, despite this not happening it is impossible to continue using the computer.
In case the confirmation word is successfully entered the worm register a new domain where the video will be hosted before continuing to distribute.
In the list of malware specially “dressed” for Christmas is MerryX.A, a Trojan that appeared in 2005 and infected more than 50,000 computers in just one week. The Navidad virus family is also at the top of the viruses that have caused the most damage.
Just last week, TeK published a suggestion that made some recommendations on how users can protect themselves from the dangers that appear on the Internet at this time, including viruses and worms.