This is really easy!!! Koobface is an anagram of Facebook!!! Now you know all you need to know about Koobface.
Seriously, I can tell you that Koobface is a family of threats that spread through social networking sites, but how does that help you? There are other threats on social networking sites as well. The key to protecting yourself is by using a combination of good practices as well as antivirus software. The good practices are much more effective as they protect against threats that don't run malware as well.
Typically Koobface will show up as a link, often to something that claims to be a sexy video. Guess what… the Koobface gang doesn’t have a copyright or patents, so other malware can and does do the same thing.
When you click the link it will take you to a video and try to install other malicious software, or trick you into installing it. Other malware does this too.
Once that is done Koobface can use your account to spread the links, and it can do other things, like installing fake antivirus software, password stealers, and other threats that steal information from your computer.
There isn’t a specific defense against Koobface. The defense is the same for lots of malware. Check with your friends to see if they meant to send you a link. This goes for all instant messaging programs as well as for social networking sites. Ask what the link is for, even if it tells you it is a sexy video. If you click and it says you need more software, an update, etc., close your browser and don’t install anything, it is malicious. You don’t need an update to view a movie. If you do need an update then you are at the wrong place. Only update Flash, Acrobat, Reader, and other Adobe applications from the Adobe web site. Never, ever, ever install a flash update from something that looks like a video that says you need a flash update. If you install from Adobe, then your flash player is up to date and the message that it needs to be updated is a lie.
To tell the truth, I’m not really all that interested in what malware does, all I care about is not getting it in the first place. If my computer were to get infected, I would rebuild it completely and then change all of my passwords. Yeah, it is a hassle, but that is how you deal with a malware infection securely.
When you go to cross the street, does it matter how much horsepower the car coming down the street has or is it enough to just make sure it doesn’t run you down?
Practice safe computing and what Koobface happens to be doing today won’t be an issue for you! The information I can give you today may not be applicable to the next version of Koobface or other threats.
Director of Technical Education
Author ESET Research, ESET