Net-Worm.Win32.Koobface.fwz virus passed through Facebook and Youtube

Hey all,

I got a post today in Facebook:

You Tube
http://merzoukiklaudia.blogspot.com/

When I click on it, I am taking to a Youtube video that downloads a file called Setup.exe.

Three obvious things tipped me off that this was a virus:
1. The video said it needed Flash 10.37 to run, but I had the latest Flash.
2. The file was named “setup.exe” and not something like
3. I didn’t notice at first that it was asking for flash 10.37 and the lastest version is 10.32.

So working for LANDesk which provides Antivirus (using Kaspersky) I naturally noticed this as a virus right away. It is pretty close to a Zero day virus. A Zero day virus means that most Antivirus companies don’t have content to detect and scan for a virus. However, about half the anti virus companies have released updated virus definitions for this virus today.

So it was probably released yesterday or as long as a few weeks ago and just now got detected.

This the the Net-Worm.Win32.Koobface.fwz virus according to Kaspersky.

Leave a Reply

How to post code in comments?