A new variant of Koobface virus that is well known for sending spam messages over the social networking websites is recently spreading spam messages over the Facebook. Expert says. Facebook users are also reported receiving spam messages such as
When users click on the link they will be redirected to another url, asking users to update their version of flash player. In the mean time users are also asked to Download and install Flash Player(Fake Flash Player), actually it’s new Koobface variant. If users approve the installation of fake flash player Koobface will download and install “tinyproxy.exe”. This exe loads a proxy server called “Security Accounts Manager” next time when the computer boot. Koobface will proxy all outgoing Internet traffic to “Security Accounts Manager” via listening on TCP port 9090.
If user install the fake flash player update then they will get this fake error message
According McAfee avertlabs
Facebook is already aware of this threat and is purging the spammed links from their system. But with dozens of Koobface variants known to exist, the situation is likely to get worse before it gets better. McAfee Advises users not to open any unexpected e-mail attachments, even if they are from someone you know.
