The report cites the Facebook threat, “Koobface,” as a powerful form of attack that hijacks a users profile. Koobface infects a machine by getting a user to click on a malicious video link that takes you to a page to “update your video player.” Victims then install this Trojan, which steals your Facebook information and sends the same link to everyone in your friends list.
Another major Trojan that’s being spread around Facebook is the “Zeus” malware, also known as The Citadel Trojan. This Trojan horse is targeting public and private enterprises, mainly in Europe. Zeus works much the same as Koobface, infecting a user’s machine to mine private information like passwords. This allows hackers to gain access to a victim’s accounts, even replacing banking sites with its own dummy site, allowing hackers to completely deplete your account.
This isn’t the first time Zeus showed up in the wild. Gizmodo reports that Zeus appeared as early as 2007 and has passwords and information from both Amazon and NASA.
Erik Feinberg, the founder of the advocacy group Fans Against Kounterfeit Enterprise, has approached Facebook about the seriousness of the Zeus Trojan but was met with an uninspired response. The New York Times reached out to Facebook for a response, where then a spokesperson reminded users to actively scan for malware with apps like Kaspersky, McAfee, and Avast.
While these apps are effective, your first line of defense should always be common sense. If a link looks suspicious, don’t click on it.