IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Koobface infections halted after Facebook exposure

Facebook's decision to name Koobface suspects has an immediate impact, but no arrests have been made.

Facebook

Koobface has stopped infecting new machines, according to reports, following the public exposure of five people suspected to be behind the criminal operation.

Facebook and Sophos chose to release the names of those they believed to be running the Koobface botnet earlier this week.

Jan Droemer and Dirk Kollberg, German security researchers who wrote up an in-depth report on how they tracked the suspects, said servers running Koobface stopped responding after they released their information via a Sophos blog, according to Reuters.

Our decision to become transparent about this has had a 24-hour impact.

Koobface had stopped spreading via Facebook nine months ago but was continuing to propagate in different ways and via different social networks.

Kaspersky had estimated that Koobface had managed to infect between 400,000 and 800,000 machines in 2010. It first appeared in 2008.

The suspects left a vast trail of digital clues that led to their names appearing in reports, including Facebook pages.

They were also involved in more salacious affairs, including appearances at adult film conferences.

They also failed to lock investigators out of command and control (C&C) centre data, which eventually led to the leaking of their web pseudonyms.

Those identified have now erased social networking profiles found by the researchers.

"The thing that we are most excited about is that the botnet is down," said Facebook security official Ryan McGeehan.

"Our decision to become transparent about this has had a 24-hour impact. Only time will tell if it's permanent but it was certainly effective."

Facebook declared late on Tuesday it would continue to fight the botnet even though it had been banished from the social network.

"While we have been able to keep Koobface off Facebook, we won't declare victory against the virus until its authors are brought to justice," the company said in a blog post.

"We feel it is the interest of everyone online to work with law enforcement and the larger security community to identify the gang and see the full force of law brought to bear against those who have made millions in ill-gotten gains.

"To this end, we will be sharing our intelligence with the rest of the online security community in the coming weeks in an effort to rid the web of this virus forever."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Facebook business accounts hijacked by infostealer malware campaign
Security

Facebook business accounts hijacked by infostealer malware campaign

26 Jul 2022
Meta begins encrypting Facebook URLs, nullifying tracking countermeasures
privacy

Meta begins encrypting Facebook URLs, nullifying tracking countermeasures

19 Jul 2022
EU inches closer to blocking Meta from sending personal data to US
Policy & legislation

EU inches closer to blocking Meta from sending personal data to US

8 Jul 2022
Meta hit with €17 million fine over multiple GDPR breaches
data protection

Meta hit with €17 million fine over multiple GDPR breaches

16 Mar 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022