Koobface strikes Facebook again

 I had a friend contact me today about a virus. I figured was just another run of the mill, but after listening to the description and doing a bit of Googling, looks like a Koobface variant (anagram of Facebook) has been re-surging since around Tuesday of this week. Read on for more information.

News coverage is sparse at the moment, but you can read here: 

http://www.pcmag.com/article2/0,2817,2361525,00.asp and here:

The attack via e-mail uses the subject line "Facebook password reset confirmation customer support" and has a downloadable zip or executable which delivers the malware. Once installed, it will install several other malware and attempt to get the user to purchase rogue anti-spyware. The attack may also take over the Facebook account and begin sending links and spam via wall posts. The links would supposedly open a video that asks to download a codec, and then propagates the trojan. The one I witnessed had definitely hijacked the account to spread these links/spam, but I couldn't confirm the link scenario, as the links were broken. 

Anyways, I hope not to overstate this threat, but wanted to let you guys know to be a little bit extra cautious over the next week (kind of like those pre-census letter warnings we got telling us that we would be getting the census soon). 

Comment using an existing account (Google, Twitter, etc.)