17 Nov 2010

Koobface malware raked in millions from Facebook, Twitter users

According to a recent report, the Koobface malware made more than $2 million between June 2009 and June 2010 through its botnet. Koobface targets social networking websites, spreading spam through users’ accounts.

The report, written by Nart Villeneuve, a chief research officer for an internet security firm, said that Koobface tricked users into installing malware and paying for fraudulent services.

“Through the use of pay-per-click and pay-per-install affiliate programs, Koobface was able to earn over $2 million between June 2009 and June 2010 by forcing compromised computers to install malicious software and engage in click fraud,” wrote Villeneuve in a blog post.

Koobface spreads through sites such as Facebook and Twitter, where it hijacks users’ accounts to spread infected links. Users’ friends and followers might click these links, which download malicious software. Users are then prompted to purchase pay-per-click services and rogue antivirus software.

The report was turned over to authorities. It was instrumental in the disabling of three Koobface servers.

Koobface has been one of the most virulent malware strains. Variants have even emerged on Macs. The Boonana malware, a variation of Koobface, targets Macs and was labeled as a critical threat by an internet security site.