
Group behind the Facebook ‘Koobface’ malware uncovered

Facebook has identified five people it alleges are responsible for the Koobface worm.

Koobface is a computer worm that specifically targets users of social networking sites like Facebook, Twitter, Friendster, and MySpace. Once it has successfully infiltrated a computer, the worm gathers login information for social media platforms. The worm is a nightmare for owners of infected computers: additional pay-per-install malware is installed, and search queries are taken over to display advertisements. The worm has been designed to infect Mac OS X and Microsoft Windows, and works on Linux in a limited manner.


The IT security and data protection firm, Sophos, confirmed Facebook’s identification of the alleged perpetrators as: Alexander Koltyshev, Syvatoslav Polinchuk, Anton Korochenko, Roman Koturbach, and Stanislav Avdeiko.


A study by the Information Warfare Monitor showed that the operators of this group have generated over $2m from the summer of 2009 to 2010.

Sophos malware experts and researchers said that Koobface, an anagram of "Facebook", is so sophisticated it can even create its own social networking accounts, so that it can aggressively post links that help it spread further. The creators of Koobface, whose names had not been made public until today, earn millions of dollars every year by compromising computers.

"It’s an incredible detective story of tireless investigation, which involved scouring the internet, searching company records and taking advantage of schoolboy social networking errors made by the suspected criminals, their friends and family. We know the gang’s names, their phone numbers, where their office is, what they look like, what cars they drive, even their mobile phone numbers," said Graham Cluley, senior technology consultant at Sophos. "Now we have to wait and see what, if any, action the authorities will take against the Koobface gang."


Please follow this author on Twitter @Tineka_S or comment below.
This article is from the CBROnline archive: some formatting and images may not be present.