Ryan Naraine on the Koobface Expose and SCADA 0-Day Disclosures

Dennis Fisher talks with long-lost Threatpost editor Ryan Naraine about the intricacies of the disclosure of the identities of the alleged Koobface gang members, whether we’ll see more of that kind of action and whether the recent trend toward disclosing 0-days in SCADA systems will continue.

Koobface Gang Apparently Hiding in Plain Sight

The individuals allegedly responsible for wreaking havoc on Facebook with the infamous Koobface botnet are living lavishly, blatantly flaunting their ill-gotten gains and taking few precautions to cover their tracks. Their locations, travels, business ventures, social media personas, Internet and real-life identities are apparently well-documented, but no one seems to be able to do anything about it.

Infographic: Facebook Security In A Nutshell

As Facebook’s population has grown from thousands to millions to hundreds of millions, security has come to be an even greater concern. In recent years, the company has had to respond to threats ranging from spam to Facebook-specific malware like Koobface, all the while keeping scammers and identity thieves at bay.

VANCOUVER – Working as Facebook’s resident malware researcher is a lonely job, for now. But Nick Bilogorskiy doesn’t expect it to stay that way. In fact, Facebook’s biggest security challenge will be building up its capabilities to identify and tamp down malware infections like the 2009 Koobface worm.

By Stefan Tanase

Yesterday’s shutdown of Troyak-as was definitely good news for the whole IT security community. Seeing cybercriminals getting kicked out from the Internet and then trying to get back inside calls for popcorn and soda. But unfortunately, as some botnets struggle, others stay unaffected: Koobface, for example, which uses compromised legitimate websites as proxies for their main command and control server.

The Koobface botnet is the tip of the iceberg for the malicious operations of the online crime ring. Here are the top 10 things you didn’t know about the Koobface gang. Read the full article. [ZDNet]

By Gunter Ollmann, Damballa

2009 saw many, many new botnet outbreaks and advancements in their criminal management. Throughout the year Damballa tracked thousands of distinct criminal-operated botnets and identified millions of newly compromised enterprise systems each day. This week I’m going to share some of our findings from the year now that we’ve finished analyzing terabytes of unique Command and Control (CnC) data.

A particular variant of the Koobface worm, dubbed Koobface.GK, initiates by posting malicious links on Facebook wall pages enticing folks to click on a cutesy Christmas video. Read the full article. [The Last Watchdog]

The Koobface botnet, one of the most efficient social engineering driven botnets, is entering the Xmas season with a newly introduced template spoofing a YouTube video page, in between enticing the visitor into installing a bogus Adobe Flash Player Update (New Koobface campaign spoofs Adobe’s Flash updater), which remains one of the most popular social engineering tactics used by the botnet masters. Read the full article. [ZDNet]
