New Strain of Koobface Virus Hits Facebook: User Accounts Hijacked


I know the Koobface virus oh so well. Having a friend who is a video producer and editor, I often exchanged video clips via with my buddy. We used to trade trailers and enjoy each others critiques of our individual work. No more! Late last year, my “friend” sent me another trailer to review. Thinking nothing of it, I opened the video clip and it happened. My desktop was turned into the dreaded “zombie.”

What’s a Zombie?

My friend’s Facebook account was hijacked by hackers who sent a Koobface virus via a video clip. Once I clicked open the clip, the virus infected my desktop with the following results:

  1. Programs came to a screaching halt
  2. My computer was so slow nothing would open as if I was on some form of dial up but the dial up line was a string laced between two tin cans
  3. My computer was transformed into a “bot” that began to send out the Koobface virus to other computers

According to anti virus organization Kaspersky Labs,an antivirus organization working with Facebook:

“the worms transform victim machines into zombie computers to form botnets.”

Son of Koobface

In today’s Washington Post, Brian Krebs a great tech writer and go-to source of information, documents the latest strain of Koobface unleashed on Facebook in “Koobface” Worm Resurfaces on Facebook.”


Courtesy Trend Micro wiki and Trend Micro

Trend Micro discovered the new strain and is busy at work on a solution. For more information go to Trend Micro’s Malware Blog “New Variant of Koobface Worm Spreading on Facebook.” Same old story with terrible results.


Don’t open anything that resembles a video file, investigate the orgins of messages sent to you on Facebook, and make sure you understand the consequences if you decide to open these messages.


Warning Restitution Registration Deadline For Okun-Coleman Victims December 29, 2008

Chicago Sun-Times published this deansguide article 12-07-08

The following email notice was sent to all Okun-Coleman victims of the 1031 Tax Group scandal by the US Department of Justice. If you were one of the 1031 Tax Group victims of Ed Okun and Lara Coleman, you MUST register your financial loss as described in the letter copied below.

Warning: Are You On US Department of Justice Mailing List?

If you do not receive a hard copy in the mail, the CRIMINAL court doesn’t have your correct address. It is imperative that you alert Kim Ulmet, with the US Department of Justice, so she can update or correct the victims’ mailing list she is developing/maintaining to ensure you receive other official court documents. Her information is below. If you fail to follow the steps below, you could miss out on the opportunity to recieve any restitution via the criminal court process (which is totally different from the ongoing bankruptcy mess).

Kim Ulmet Contact Information:

U.S. Department of Justice,
United States Attorney’s Office Eastern District of Virginia in Richmond
600 East Main Street, Suite 1800,
Main Street Centre,
Richmond, VA 23219
Phone: 866-287-5410
Fax: 804-771-2316

The Letter:

December 01, 2008

RE: United States v. Defendant(s)

Case Number 2007R01837 and Court Docket Number 3:08CR132
United States v. Edward H. Okun

Important Notice: Victim Verification of Financial Losses
Enclosed you will find a form entitled, “Important Notice: Victim Verification of Financial Loss,” which requests information and supporting documentation concerning your financial loss associated with Edward H. Okun, d/b/a 1031 Tax Group and Investment Properties of America (IPA). The Qualified Intermediaries relevant to this case include: 1031 Advance; 1031 Security Services; Atlantic Exchange Company; Investment Exchange Group; National Exchange Services; and Real Estate Exchange Services. It is imperative that the enclosed form and your supporting documentation be completed and submitted to the United States Attorney’s Office, Attn: Kim Ulmet, Victim/Witness Specialist, 600 East Main Street, Suite 1800, Richmond, VA 23219 and be postmarked no later than Monday, December 29, 2008. You must submit the form with your original signature, however, your supporting documents may be copies. If your Victim Verification of Financial Loss form and supporting documentation outlining your financial loss are not postmarked by December 29, 2008, your name may not be included in the list of victims that will be submitted to the Court for restitution purposes.
Although you may have received and completed a survey from the United States Postal Service and/or filed a claim with the Bankruptcy Trustee, you must complete the enclosed form to be considered for restitution. In addition, you must sign the declaration under Penalty of Perjury and attach all requested supporting documentation. The restitution process is entirely separate from the pending bankruptcy proceedings. As you will see from the attached form, the relevant inquiries are different and require specific documentation. We appreciate your patience and cooperation with this process.

This notification will be sent through email and regular mail. If you do not receive this notification in the U.S. mail within two weeks, please log in to the VNS website, update your address, and call me at 866-287-5410 to ensure we have your updated contact information.