Feeds

Cockeyed 'Knob Face' confusion masks real malware threat

Obama viral vid hoax makes mischief

Secure remote control for conventional and virtual desktops

Wrong-headed warnings about a worm spreading across Facebook are causing confusion about a real threat.

If you believe messages doing the rounds on the social networking site then a "Trojan worm" called "Knob Face", which poses as supposed footage of an outrageously unlikely affair between Barack Obama and Hillary Clinton, represents a severe information stealing threat.

Not so.

Rumours in the same messages that adding someone called 'smartgirl 15' as a contact will result in viral infection are also dead wrong.

Misconstrued warnings along these lines have become commonplace on Facebook over the last week or so, as a quick search of the social networking site illustrates.

Strains of sophisticated malware family called Koobface have menaced Facebook and members of other social networks for months. Prospective victims are typically encouraged to download malware disguised as a Flash update from a third-party website.

But the real malware - which is designed to promote scareware and make money from so-called click fraud (as explained here) - has nothing to do with either fictitious Obama affair video lures or smartgirl 15.

By warning about "Knob Face" (the wrong name), and including two inaccurate pointers to how you can identify the attack well-meaning users are doing more harm than good, net security firm Sophos notes. It advises that users should only share warning about viral threats after double checking them with credible sources, rather than just passing on attention-grabbing snippets without pausing to think.

Viral hoaxes have been a problem for years, creating an unnecessary distraction while spreading confusion and distracting from real threats.

"Virus hoaxes are actually harder to kill off than real viruses - unlike computer malware, hoaxes have spread not just via computers but by Ed Stewart repeating them on the radio, in the newspapers, and while having a chat down the pub," explained Graham Cluley, senior technology consultant at Sophos.

"As social networks like Facebook are the new place to 'hang out and chat with your friends', they provide perfect conditions for hoaxes to spread at breakneck speed."

"Although no official research has been done on the subject, it is estimated that hoaxes can cost you even more than a genuine virus incident. After all, no anti-virus will detect hoaxes because they aren't viruses.

"Some companies panic when they receive a hoax virus warning and assume the worst." ®

Beginner's guide to SSL certificates

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.