The real face of Koobface: the largest web 2.0 botnet explained

From Botnets.fr

Botnet: Koobface
Editor/Conference: Trend Micro
Link: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_the-real-face-of-koobface.pdf (www.trendmicro.com, archive copy)
Author: Jonell Baltazar, Joey Costoya, Ryan Flores

Abstract

Nothing encapsulates the Web 2.0 concept more than social networking sites, which provide users the ability to connect, communicate, and share with others. Social networking sites also serve as a platform for the advertising industry. They allow businesses to become known globally with ease since social networking sites users are distributed in different geographical locations. They also allow business owners to have a “personal” connection with customers and a place to find and to get to know potential employees.

Leading the way through the Web 2.0 social networking revolution is Facebook, the world’s largest social networking site. By opening the Facebook development platform to the public, the site also opened its doors so developers can create applications within the social network.
Facebook slowly transformed the computing landscape with its application framework. Instant messaging (IM), private messages, and interactive games replaced their desktop-based counterparts. The vision of making the browser a platform is slowly materializing with every new application developed for and by Facebook.
For cybercriminals, the shift from desktop-based applications to Web-based ones, particularly those on social networking sites, presents a new vector for abuse. As more and more people communicate through social networks, the more viable social networks become malware distribution platforms.
These types of paradigm shifts in malware distribution have occurred before. Viruses piggybacked on files because people exchanged floppy disks frequently back then. Email as a delivery platform was abused by spammers and email-based worms. The same was true for IM applications.
Now, as we see another shift in technology and user behavior, with social networking sites becoming a dominant medium, it is no surprise that a new type of malware — KOOBFACE — rides on this new means of propagation.
KOOBFACE is a revolutionary malware, being the first to have a successful and continuous run propagating through social networks. Its success can, unfortunately, set a precedent for other malware families to abuse social networking sites.
In this paper, we attempt to dissect KOOBFACE by component in order to allow users to understand what the KOOBFACE threat is and what it does.

Bibtex

 @misc{BFR859,
   editor = {Trend Micro},
   author = {Jonell Baltazar and Joey Costoya and Ryan Flores},
   title = {The real face of Koobface: the largest web 2.0 botnet explained},
   date = {19},
   month = Apr,
   year = {},
   howpublished = {\url{http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_the-real-face-of-koobface.pdf}},
 }