05. July 2010 · Comments Off on Koobface trojan continues to plague Facebook · Categories: Malware, Next Generation Firewall, Palo Alto Networks, Security-Compliance, Social Engineering · Tags: ,

Trend Micro’s research lab is reporting that the Koobface trojan continues to put unsuspecting Facebook users at risk. Because Koobface is really a bot, its Command & Control infrastructure can and does change the message and the link you receive to lure you a page that will download the Koobface trojan onto your system.

You could ask, why can’t Facebook eradicate Koobface? Apparently, they are not seeing a significant number of users canceling their accounts due to Koobface and other malware to warrant the investment.

Why not simply block Facebook? If the business side of the organization (sales and marketing) is OK with that, then blocking Facebook in the office is a reasonable step. There are two issues to consider:

  1. Increasingly, sales and marketing departments want to take advantage of Facebook and other social networking sites to reach current and prospective customers.
  2. Even if you do block social networking sites in the office, laptop users who travel or just use their laptops at home are at risk of being exploited by malware from social networking sites.

Palo Alto Networks’ next-generation firewall solves the first issue today and has announced GlobalProtect, which will solve the second issue in its next release at the end of 2010.