'Koobface' Virus Attacks Facebook

Koobface, which already made the rounds on MySpace, is now worming its way through Facebook. The Koobface virus uses Facebook's private messaging system to infect computers via a shared video.

Unsuspecting users will see a video link (shared by an infected friend) with the message, "You look just awesome in this new movie." Click the link will lead you to an outside site where you're told that you need to download a Flash update, which is actually a virus file. Once the virus is installed, it will try to grab sensitive data off your PC, like credit card numbers.

In a way this a very old virus; it operates much like mass-mailing worms that used to infest Usenet and e-mail lists. But it's proving an effective tactic on social networks where private messages from friends seem more trustworthy than traditional e-mail, which even the most neophyte web users have come to distrust.

With its some 120 million users, Facebook is not only a potentially lucrative target, but it's well into the mainstream, which means more gullible, less internet-savvy users for virus creators to prey on.

The virus watchdog blog for McAfee labs reports that Facebook is aware of the Koobface attack and is already working to remove the spammed links from its system. But with dozens of Koobface variants known to exist, McAfee warns that "the situation is likely to get worse before it gets better." 

In the mean time, the best way to avoid Koobface is to adhere to the tried and true rule of internet safety: never open unexpected e-mail attachments, videos or other links, even if they are from someone you know.

Should your PC be infected the Koobface worm, the Facebook security blog suggests resetting your password and running updated anti-virus software to purge the worm from your system.