In 2008, you were likely active enough on Facebook like everyone else, sharing pictures with friends and family. Facebook was so addictive back then and it was amazing. We didn’t really complain about the platform then because it was everything we wanted, a safe haven to unwind and have fun and enjoy the virtual company of our friends, family, classmates, and sometimes, even our coworkers.
However, all good things come to an end, and with a large population of users comes an easy way to leverage technology to threaten them. It all started when many Facebook users started getting messages saying things like “You look just awesome in this video!” or “Secret video by Tom” with a link attached to every message. As a result, the recipient is compelled to click, which perpetuates the worm.
That’s right, these messages were not a compliment from a person who has a crush on you. That was the Koobface virus at work targeting Facebook users, and it hasn’t been officially eradicated either; in fact, it’s still nagging people in 2021.
Here is everything you need to know about the Koobface virus and how you can protect your devices from it.
What Exactly is the Koobface Virus?
Koobface is a type of malware, specifically a worm, that can infect your computer and steal private information. After it gained significant traction back in 2008 and infected many online users, kind of like the coronavirus’s unstoppable spread, Facebook took action and traced the real source of the Koobface virus to a bunch of Russians suspected to be Stanislav Avdeyko, Anton Korotchenko, Alexander Koltyshev, Svyatoslav E. Polichuck, and Roman P. Koturbach.
One of them even shared a picture of their Russian office where they used to trigger multiple Koobface Virus attacks.
That may not surprise some of you who regularly follow our weekly news roundups because there have been many ransomware attacks initiated from Russian territory in 2020. These guys have considerable morals, don’t you think?
The History of Koobface Virus
The Koobface virus surfaced in 2008 when most internet users started using social media applications, including Facebook, Skype, and Twitter. While it is designed to appear innocuous, the real aim of such malware is to steal your information, and more precisely, your login credentials, credit card details, or email passwords. And Koobface did exactly that.
Another reason why Koobface-type viruses are still spreading is that beyond a human’s gullibility, a cybercriminal needs zombie computers or botnets to trigger a DDoS attack. In simpler words, a cybercriminal uses your computer and other infected computers to launch malware attacks. And who is the weakest defense against viruses? Not the software, the humans operating it.
As scary as it sounds, you can take precautions and practice good cyber hygiene every time you are on the internet. We will help you with cyber hygiene tricks later in this article.
So just got this email from Facebook about the koobface virus. Apparently I’ve been infected, anyone know much about this? — Robert Thames (@orThames) July 22, 2011
How Does the Virus Work in Real-Time?
Imagine you received an infected message on Facebook and you clicked on the link out of curiosity. What comes next may not affect you directly but helps a cybercriminal to use your device to his advantage. A cybercriminal can turn your computer into part of his very own botnet, and you won’t even realize it. The result is that your affected device joins a P2P network of infected machines intended to launch multiple attacks, usually a DDoS.
In layman’s terms, a cybercriminal can transform your computer into a zombie in a botnet, just like the Night King did in Game of Thrones when he turned humans into zombies and launched a great attack on the Wall using humans. The Koobface virus also works on the same principle but involves computers instead of humans.
Your machine can thus become part of some really. bad. stuff. Worse, you may actually be held responsible if your IP (that is, your computer’s identity on the internet; this tells websites who you are and where you’re from and can be thwarted with the help of a VPN) is caught at the scene of the crime.
Two Red Flags about the Koobface Virus You Should Know
One of the biggest red flags of being infected by Koobface is that your computer starts lagging and goes into a system update.
If you are a bit tech-savvy and have an antivirus app on your computer, then it will tell you that the Koobface virus has infected the device.
Alternatively, you might see a few names like Captcha6.exe, Freddy35.exe, Bolivar28.exe, or Ld12.exe. You can easily check for these malicious programs:
Press Ctrl+Alt+Del > Task Manager > Processes, or choose Application > Utilities if you are using a different Windows software. The window that appears shows all the background processes that are actively running on your computer.
Can You Get the Koobface Virus?
Yes, the Koobface virus can infect your computer if you ignore basic security protocols or don’t have an antivirus program to combat the virus. As we explained earlier, the virus spreads through infected links, so you might be tempted to click on a juicy one hoping to find an awesome video of a cat skateboarding. However, you are actually opening doors for the virus to sweep in and access your system.
Oddly enough, this is exactly how the Koobface virus enters your device and takes control of your private files. It is better to follow security-savvy tricks and never click on an unknown link even if a known friend sent it to you.
Chances are your friend’s computer is infected with the Koobface virus, which has turned the device into part of a botnet, and now the virus is going to infect your computer too. Sounds eerily similar to a pandemic.
Besides clicking on a malicious link, your computer can also get infected with the Koobface virus when you install infected software, click on a malicious ad, or simply when your web browser redirects to an insecure website. Don’t let this nasty worm roam around on your computer.
How to Protect Yourself from this Virus
This is where our PureVengers come in for the rescue and protect you from malicious attacks. Apart from the Koobface virus, there are thousands of other privacy-eroding viruses and malicious software that can infect your computer at any time. This is the reason why you should use the following tips and techy sense to stay safe on the internet:
- Don’t install a new program or application without double-checking the source first.
- Stop clicking on pop-up ads that you don’t care about.
- Check a link before clicking on it even if your friend sent it to you (or ignore it altogether). If it’s too good to be true, it probably is. (And think: does the voice/tone of the message match the voice/tone of your friend?)
- Use the latest antivirus software on your computer.
- Use a VPN app to stay hidden on the internet and ensure no one tracks your online activities.
What’s the Next Step Once the Koobface Virus Infects My Computer?
The easiest and quickest way to remove the virus is to restore your computer system. You should restore the computer to a specific time before the Koobface virus entered your computer and did its dirty job, assuming you have a Restore point. Another way is to use battle-tested antivirus software that can help you get rid of the Koobface virus (or any other malicious threats, for that matter).
You can also format your hard drive completely, which is easier for anyone to do on their own but bears the burden of having to reinstall all your apps and settings; you’ll lose all the files you’ve downloaded unless you’ve uploaded them to the cloud.
For sanity’s sake, we suggest you attempt the first two methods before you erase all data from your hard drive as this is truly a last resort. If you haven’t even been hit by the Koobface virus before, but want to take the appropriate precautions, check for and/or set up a Restore point on your computer to ensure that you are prepared when the time comes that you get hit by some malware that’s not easily removed.
How to Remove the Koobface Virus (Step-by-Step)
You can trace Koobface by checking all the background processes that are running on your computer. Open the Task Manager and take a closer look at any program with a dubious name.
Once you determine a program that shouldn’t be on your computer, here are the steps to remove it the right way.
Step 1: Go to the Task Manager tab. Press Ctrl+Alt+Del > Task Manager > Processes. If you see any unusual program on the list, then install Autoruns on your computer. This is the easiest way to check auto-start background applications and check the destination folder.
Step 2: After installing and running the Autoruns software, restart the computer, and choose Safe Mode. All you have to do is choose the Start button > Restart > OK.
Windows 7 users can do this:
Start > Shutdown > Restart > OK.
Windows 8 users can do this:
Start > Advanced > General PC settings > Advanced startup > Restart now. When your computer restarts, select Troubleshoot > Advanced options > Startup settings > Restart. After that, press F5 to continue with Safe Mode.
Windows 10 users can do this:
Restart your computer while holding the Shift key. Then, select Troubleshoot > Advanced options > Startup settings > Restart > F5 button.
Step 3: Now, click on the Autoruns.exe file to check the downloaded archives.
Step 4: Select Options from the top-left corner of the panel. Uncheck Hide Windows Entries and Hide Empty Locations. Once you have done that, choose Refresh.
Step 5: Check and select the Autoruns application list. Determine the malicious file that you wish to remove from your computer. Note down the complete path because malicious files can hide the real file path.
Please be wary when following this step and avoid deleting your legitimate computer system files. Just right-click on the malicious file and choose Delete.
Step 6: Search and find the malware file on your computer. To do that, you can open your PC folder and simply search for the file name. Don’t forget to turn on hidden files and folders to ensure you dig out the malware.
Step 7: Now, restart your computer and you are ready to use it again.
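The Task Manager check and the autostart review from the steps above can also be run from a PowerShell prompt. The script below is an added example, not part of the original article: it looks only for the four file names listed earlier, reads the running-process list and the standard Run registry keys (a subset of what Autoruns displays), and deletes nothing; the function name Test-Indicator is made up for this example.

```powershell
# File names the article lists as signs of Koobface (taken from the page).
$Indicators = 'Captcha6.exe', 'Freddy35.exe', 'Bolivar28.exe', 'Ld12.exe'

function Test-Indicator {
    # Hypothetical helper: true when the text mentions one of the listed file names.
    param([string]$Text)
    foreach ($name in $Indicators) {
        if ($Text -like "*$name*") { return $true }   # -like is case-insensitive
    }
    return $false
}

# 1. Running processes: the Task Manager > Processes view, plus the full path.
#    ExecutablePath can be empty for some processes when not run as administrator.
$procs = @(Get-CimInstance -ClassName Win32_Process |
    Where-Object { Test-Indicator $_.Name } |
    ForEach-Object {
        [pscustomobject]@{ Source = 'Process'; Entry = $_.Name
                           Detail = "PID $($_.ProcessId)"; Path = $_.ExecutablePath }
    })

# 2. Autostart entries in the Run keys, where a program can register to start at logon.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
$autostarts = @(foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }                      # key absent on this system
    foreach ($valueName in $item.GetValueNames()) {
        $command = [string]$item.GetValue($valueName)
        if (Test-Indicator $command) {
            [pscustomobject]@{ Source = 'Run key'; Entry = $valueName
                               Detail = $key; Path = $command }
        }
    }
})

# Report only: note the full path (Step 5) before removing anything by hand.
$findings = $procs + $autostarts
if ($findings.Count -eq 0) {
    'No listed file names found in running processes or Run keys.'
} else {
    $findings | Format-Table -AutoSize -Wrap
}
```

A name match is only a lead, since malware can run under any file name, and an empty result does not show that the machine is clean.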
Be Wary of Koobface-Like Viruses
This is just a single virus, and who knows how many other malicious programs are lurking around on the internet. We will continue to help you become more aware of viruses like Koobface over time. Let us help you get back your privacy and protect your information.