Koobface? The name given to a computer worm that uses Facebook's messaging system to infect PCs in an attempt to gather sensitive information such as credit card numbers.
Koobface propagates by sending notes to Facebook friends of someone whose PC has been infected. The messages, with subject headers like, "You look just awesome in this new movie," direct recipients to a Web site where they are asked to download what it claims is an update of Adobe Systems Inc's Flash player.
If they download the software, users end up with an infected computer, which then takes users to contaminated sites when they try to use search engines from Google, Yahoo, MSN and Live.com, according McAfee.
The Koobface virus also attacks users of the MySpace social networking site. Variants of the worm include Net-Worm.Win32.Koobface.a. and Net-Worm.Win32.Koobface.b.
Facebook Hit With 'Koobface' Virus
Facebook's 120 million users are being targeted by a virus dubbed "Koobface" that uses the social network's messaging system to infect PCs, then tries to gather sensitive information such as credit card numbers.
It is the latest attack by hackers increasingly looking to prey on users of social networking sites.
"A few other viruses have tried to use Facebook in similar ways to propagate themselves," Facebook spokesman Barry Schnitt said in an e-mail. He said a "very small percentage of users" had been affected by these viruses.
"It is on the rise, relative to other threats like e-mails," said Craig Schmugar, a researcher with McAfee Inc.
Koobface spreads by sending notes to friends of someone whose PC has been infected. The messages, with subject headers like, "You look just awesome in this new movie," direct recipients to a website where they are asked to download what it claims is an update of Adobe Systems Inc's Flash player.
If they download the software, users end up with an infected computer, which then takes users to contaminated sites when they try to use search engines from Google, Yahoo, MSN and Live.com, according McAfee.
McAfee warned in a blog entry on Wednesday that its researchers had discovered that Koobface was making the rounds on Facebook.
Facebook requires senders of messages within the network to be members and hides user data from people who do not have accounts, said Chris Boyd, a researcher with FaceTime Security Labs. Because of that, users tend to be far less suspicious of messages they receive in the network.
"People tend to let their guard down. They think you've got to log in with an account, so there is no way that worms and other viruses could infect them," Boyd said.
Social network MySpace, owned by News Corp, was hit by a version of Koobface in August and used security technology to eradicate it, according to a company spokeswoman. The virus has not cropped up since then, she said.
Privately held Facebook has told members to delete contaminated e-mails and has posted directions at www.facebook.com/security on how to clean infected computers.
Richard Larmer, chief executive of RLM Public Relations in New York, said he threw out his PC after it became infected by Koobface, which downloaded malicious software onto his PC. It was really bad. It destroyed my computer," he said.
McAfee has not yet identified the perpetrators behind Koobface, who are improving the malicious software behind the virus in a bid to outsmart security at Facebook and MySpace.
"The people behind it are updating it, refining it, adding new functionalities," said McAfee's Schmugar.
Tak puas beraksi di situs jejaring sosial Facebook, trojan Koobface mulai melakukan invasi ke situs jejaring sosial lain yang cukup digemari pengguna internet bernama Bebo. Motif serangan yang dilancarkan hampir sama seperti yang menimpa Facebook dan MySpace beberapa waktu lalu. Koobface melancarkan aksinya dengan mengirimkan pesan yang memerintahkan penerimanya untuk membuka link yang sudah disisipkan trojan. Jika link tersebut diklik, user akan diminta untuk meng-update Flash Player mereka. Bukannya update yang didapat, user malah dijerumuskan untuk men-download program jahat ke komputer.
Menurut perusahaan keamanan ScanSafe, seperti dikutip detikINET dari Vnunet, Jumat (12/12/2008), trojan ini akan mencoba mencuri informasi penting seperti nomor kartu kredit. Senior peneliti keamanan ScanSafe, Mary Landesman, mengimbau agar pengguna tidak sembarangan mengklik link yang mereka terima secara mendadak, sekalipun link tersebut berasal dari seseorang yang Anda kenal. Detik
Technical detail by symantec
Discovered: August 3, 2008
Updated: August 3, 2008 6:04:48 PM
Also Known As: Net-Worm.Win32.Koobface.b [Kaspersky], W32/Koobface.worm [McAfee], Boface.A [Panda Software]
Type: Worm
Infection Length: 16,652 bytes
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000
When the worm executes, it copies itself as the following file: c:\windows\mstre6.exe
It also creates the following file which serves as an infection marker: c:\windows\tmark2.dat
It then creates the following registry entry so that it runs every time Windows starts: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\"systray" = "c:\windows\mstre6.exe"
The worm deletes the following registry key: HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating
When executed for the first time on a given machine it will display the following message box in order to distract user's attention from its real purpose: Window title: Error Window body: Error installing Codec. Please contact support.
Then it searches for cookies related to social networking sites. If none are found, the worm deletes itself.
If the worm finds the appropriate security cookie, it modifies the settings so that links to malicious sites will be added to the user's profile to trick visitors into following. These links will point to a copy of the worm disguised as a video codec.
Recommendations
Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":
Use a firewall to block all incoming connections from the Internet to services that should not be publicly available. By default, you should deny all incoming connections and only allow services you explicitly want to offer to the outside world.
Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
Ensure that programs and users of the computer use the lowest level of privileges necessary to complete a task. When prompted for a root or UAC password, ensure that the program asking for administration-level access is a legitimate application.
Disable AutoPlay to prevent the automatic launching of executable files on network and removable drives, and disconnect the drives when not required. If write access is not required, enable read-only mode if the option is available.
Turn off file sharing if not needed. If file sharing is required, use ACLs and password protection to limit access. Disable anonymous access to shared folders. Grant access only to user accounts with strong passwords to folders that must be shared.
Turn off and remove unnecessary services. By default, many operating systems install auxiliary services that are not critical. These services are avenues of attack. If they are removed, threats have less avenues of attack.
If a threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.
Configure your email server to block or remove email that contains file attachments that are commonly used to spread threats, such as .vbs, .bat, .exe, .pif and .scr files.
Isolate compromised computers quickly to prevent threats from spreading further. Perform a forensic analysis and restore the computers using trusted media.
Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.
If Bluetooth is not required for mobile devices, it should be turned off. If you require its use, ensure that the device's visibility is set to "Hidden" so that it cannot be scanned by other Bluetooth devices. If device pairing must be used, ensure that all devices are set to "Unauthorized", requiring authorization for each connection request. Do not accept applications that are unsigned or sent from unknown sources.
For further information on the terms used in this document, please refer to the Security Response glossary.
Admin of Java[at]Saindra says : DIGSBY IS AN AWESOME APPLICATION, CONGRATULATION FOR THIS AWARD..!Java[at]Saindra
LifeHacker
We’re proud to announce that we’ve been named one of LifeHacker’s Best New and Improved Software Products of 2008. The other products to make the list are: Firefox 3, Google Chrome, iPhone 2.0, Google Android, iPhone JailBreak, Xbox Media Center, Ubuntu Linux, and Gmail.
It’s humbling to be listed with these other amazing products. This award belongs to you as much as it belongs to us. Thank you for helping guide our development process with all your feedback and suggestions.
Crunchies
Nominations for the 2008 “Crunchies” are still open. The Crunchies is an award ceremony organized by TechCrunch, GigaOm, and VentureBeat to honor the best startups of 2008. You are allowed to vote once per day between now and December 10th. Please show your support by nominating us for any (or all) of the following categories:
Thanks to all your votes, we made it to the final round of the Mashable Open Web Awards! We need your help in this final round so we can bring home the award for Best Social Networking Application! You can vote once per day using the widget below.
What is DIGSBY..??
Digsby is application for connecting to many more IM, Email and Social Network at once time. It's featured is :
Support Email likes Gmail, Yahoo! Mail, POP Mail, IMAP Mail, and AOL/AIM Mail. Digsby can checking your email, so you can read, mark as read, save, and delete your email fastly without open your email account in your internet browser. It's work ini your desktop..!! More efficiently..!! Try It..!!
Artemisias, or wormwoods, are rugged perennial herbs with varied leaf forms that are usually selected for their silvery foliage color. The flowers are insignificant yellowish daisies. Some types are woodier or shrubbier than others. Size ranges from four inches to over four feet.
How to grow: Artemisias tolerate drought, heat, and cold but not wet feet in winter. They grow in any decent garden soil with good drainage. Plants perform best in full sun and become somewhat leggy in partial shade.
Propagation: By division in early spring, also from seed.
Uses: Low-growing types of artemisia can be used at the front of borders and in rock gardens. Tall types are good toward the back in flower borders and can be massed by themselves.
Related species: Artemisia absinthium is the common herbal (but somewhat toxic) wormwood, called absinthe. A. ludoviciana is known as southernwood and white sage -- Silver King -- is a popular cultivar. A. frigida forms low mats and can be pruned to shape.
Scientific name : Artemisia species
2. Spearmint
Spearmint is a perennial herb and a refreshing member of the mint family. Often used in chewing gum, breath mints, and toothpaste, spearmint also makes a useful culinary herb.
Spearmint has rich green leaves that give off a wonderful fragrance when rubbed.
The toothed, rich green leaves of this perennial give off a wonderful aroma when rubbed. Though not a very large plant, spearmint should be grown where the roots can be contained, as they spread rapidly.
Spearmint Quick Facts: Scientific Name:Mentha spicata Common Name: Spearmint Type of Plant: Perennial herb Growing Zones for Spearmint: Hardy to zone 4 Growing Conditions for Spearmint: Preferably sun
3. Calamint
Calamint is a perennial herb and a member of the mint family. Great for the scented garden, it also attracts the attention of the local bee population.
Calamint both looks andsmells delightful.
This low-growing herb has pleasant mint-scented leaves, and its tiny but profuse white or pale lilac flowers appear in late summer to fall. Calamint loves sunny spots, and although small in stature, it will spread.
Calamint Quick Facts: Scientific Name:Calamintha nepetoides Common Name: Calamint Type of Plant: Perennial herb Growing Zones for Calamint: Hardy to zone 4 Growing Conditions for Calamint: Sun
4. Licorice Plant
The licorice plant is an intriguing species in high demand for its unique foliage, and growers cultivate the plant all year long. It is related to strawflowers and comes from arid lands in South Africa.
The interesting foliage of licorice plant has made it a very popular annual. See more pictures of herb gardens.
Description of licorice plant: Licorice plant is a mound-forming or trailing shrub, which, when grown as an annual, bears stems that reach about 20 inches long. They are covered with furry, silver, heart-shaped leaves, also available with cream or yellow coloration. If allowed to flower late in the growing season, it produces cream-colored flower heads.
How to grow licorice plant: Grow in well-drained soil of moderate fertility or ordinary peat-based potting mix in full sun to light shade.
Propagating licorice plant: Root cuttings of firm shoots in summer to winter indoors and then replant in spring.
Uses for licorice plant: Blend a single, silver-leaved plant in a pot with cool blue and purple or warm red and pink flowers. Try the golden-leaved form with warm orange and red flowers. You also can plant masses of either color in annual beds for the contrasting foliage and season-long color.
Licorice plant related varieties: 'Limelight' has yellow-green leaves and grows best in light shade. 'Variegatum' has cream-variegated silver leaves.
Scientific name for licorice plant: Helichrysum petiolare
5. Dill
Dill is a beautiful annual, which is edible as well as ornamental. The foliage, flowers, and dill seeds have a marvelous flavor while the upright plants, feathery foliage, and yellow flowers look great in flower borders or mixed gardens.
Description of dill: Dill has hollow, ridged, upright stems that reach to about 2 feet high and are topped with airy, umbrella-shaped clusters of tiny yellow flowers.
How to grow dill: Plant seeds in full sun and well-drained, average to fertile soil, thinning seedlings to 8 to 12 inches apart. Dill grows quickly from a ferny sprout to a tall flowering specimen. Once it sets seed, the plant quickly deteriorates, a good reason for replanting every couple weeks through the early half of the growing season.
Propagating dill: Plant dill seeds directly in the garden from late spring through the middle of summer. Self-sown seeds may emerge from around old plants if the soil is not disturbed.
Uses for dill: Dill makes a wonderful upright accent plant in large container gardens or mixed flower beds. Or use it for color and flavor in a decorative vegetable and herb garden.
Dill related varieties: 'Bouquet' is a compact dwarf, less likely to tip over in the wind. Compact 'Fernleaf,' an award winner, is slower to flower and set seed and therefore provides a longer harvest of the aromatic leaves.
Semua content dari blog ini bersifat open-source. Silahkan memperbanyak, menyebarluaskan, mencetak, dan memodifikasi asalkan tetap mencantumkan author dan alamat blog ini. Terimakasih. DONT BE A PLAGIATOR!!
