Home Your IT Home IT Koobface slips past antivirus defences
Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


If you've been wondering why Koobface seems to be infecting so many computers, it could be because a majority of antivirus packages have been unable to detect it.

Koobface is a worm that spreads through social networking sites. It works by sending bogus messages or comments to the infected user's friends.

These texts include links to malicious sites that purport to offer video clips. If visitors follow the link, they are told that they need to install a new version of Flash and are offered an 'updater' which is actually installs malware.

A test run using the Virustotal service reported that as at December 5, only 15 out of 38 antivirus products could detect the current version of Koobface.

Big name products generally detected the culprit. Examples include CA, McAfee, Microsoft, Sophos, and Symantec.

But some widely-used products failed to warn that the download was malicious. Among them were software from Avast, AVG, ClamAV, F-Secure, Kaspersky and PC Tools.

Note that some or all of those vendors may have updated their products since Virustotal carried out its tests.

But here's the curious thing.

The Virustotal results have been publicised - and the sample may even have been submitted by - by the ThreatFire research team. And ThreatFire is part of PC Tools: one of the companies whose AV scanners could not detect Koobface.

That's what we call "without fear or favour."

RECRUITMENT & RETENTION REPORT 2013

HIRE OR FIRE? BUY OR BUILD

2013 is well underway and Australian companies need to know whether they should invest in IT skills training or pay a premium for the people they need.

If you want to know which choices are being made in your sector, what skills are hard to find, which sectors intend to hire or fire and where the IT spend is going, this free report is must have.

GET YOUR REPORT NOW

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences, a PhD in Industrial and Business Studies, and is a senior member of the Australian Computer Society.

Connect

http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=5460041&PluID=0&ord=[2000]&rtu=-1