March 5, 2009 by sumisoft
Current Facebook vulnerability --- be aware of invites to view a video (see below)
Malicious Code Targeting Social Networking Site Users
Original release date: March 4, 2009 at 11:53 am
Last revised: March 4, 2009 at 11:53 am
US-CERT is aware of public reports of malicious code spreading via
popular social networking sites including myspace.com, facebook.com,
hi5.com, friendster.com, myyearbook.com, bebo.com, and
livejournal.com. The reports indicate that the malware, named
Koobface, is spreading through invitations from a user's contact that
include a link to view a video. If the users click on the link in this
invitation, they are prompted to update Adobe Flash Player. This
update is not a legitimate Adobe Flash Player update, it is malicious
code.
Additionally, some of the reports indicate that there are multiple
bogus Facebook applications being used to obtain users' private
information.
