Twitter, Facebook, and LiveJournal all were hit by distributed-denial-of-service (DDoS) attacks on Thursday, an apparently organized, concentrated effort on several social networking sites.
So far, no reasons or methodologies for the attacks have surfaced. One researcher, however, has posted what he thinks might be a possible cause for the Twitter attacks: a new variant of the “Koobface” virus.
“Today’s outage is happening at the same time a new version of the Koobface malware was found in the wild,” Paul Henry, a security researcher for Lumension Security, wrote in a blog post. “This malware is using both Twitter and Facebook messages to send invitations that are designed to lure potential victims to fake anti-virus web pages. The speculation is that the onslaught of bogus messages that are directing users to malicious pages may in fact be overwhelming Twitter.”
The interesting point that Henry brings up is that Koobface uses both Facebook and Twitter to spread its payload, two of the three sites that were hit. PCMag.com’s Security Watch blog has reported on Koobface using Twitter as well as a new variant that preys on Facebook users. Both tease users with some sort of interesting video, then ask the user to download a “codec” that actually contains the worm itself. Then the process repeats itself.
Both McAfee and Symantec have said via statements that they continue to investigate the attacks, and have not discovered any concrete reasons or methodologies behind them. However, as Henry notes, the lesson is a simple one: “This comes back to basic email, Twitter and blogging security practices – do not click on links that come from untrusted sources.”
Originally posted to AppScout.
- Stumble upon something good? Share it on StumbleUpon
- Tweet This!
- Digg this!
- Share this on del.icio.us
- Share this on Reddit
- Buzz up!
- Share this on Technorati
- Share this on Mixx
- Share this on Facebook
- Subscribe to the comments for this post?
- Share this on Linkedin
- Seed this on Newsvine
- Add this to Google Bookmarks
- Add this to Mister Wong
- Post this to MySpace