The Bad Kind of Viral

Awesomely-Named Russian Koobface Gang Allegedly Responsible for Non-Awesome Facebook Virus


Investigators at Facebook and a number of independent computer security firms, including Sophos, allege that a five-man Russian gang is responsible for a computer worm that has been plaguing social networks, including Facebook, since 2008. The ne’er-do-wells, who call themselves the Koobface gang (because why not), have been “living comfortably” and “in plain sight” in St. Petersburg, according to the New York Times.

The millions they’ve gleaned from online schemes have been spent on luxury trips to Monte Carlo, Bali, and Turkey (see aforementioned why not).

Facebook, however, plans to put an end to all that. Today, says the Times, the social network plans to begin sharing intel about the group and how to fight them. “It believes public namings can make it harder for such groups to operate and send a message to the criminal underground.”

You see, although the group has yet to be charged with a crime, they have been publicly broadcasting updates about their location and news for years on sites like Twitter and Foursquare, not unlike a regular startup. “Photographs on Foursquare also show other suspected members of the group working on Macs in a loftlike room that looks like offices used by tech start-ups in cities around the world.” In fact, Ryan McGeehan, Facebook’s manager of investigations and incident response, tells the Times that the social network traced the worm back to the accused parties within weeks of the first attack: “We’ve had a picture of one of the guys in a scuba mask on our wall since 2008.”

The Koobface gang’s malware played on users’ collective humanity with offers to watch “a funny or sexy video.” Who could resist? If the link was clicked, a message popped up requesting that the user update their Flash software [Ed. note: UH OH! WE'VE GOTTEN THOSE], which downloaded the worm. In its heyday in 2010, a botnet of 400,000 to 800,000 computers was affected worldwide. “Victims are often unaware their machines have been compromised.” [EEEEE! NEVER UPDATING FLASH AGAIN.]

The group was able to operate freely by working in a country with a poor record of cooperation with U.S. and European enforcement agents. “Meanwhile,” says the Times, “Western law enforcement is awash in computer crime and lacks the resources and skilled manpower to tackle it effectively, especially when evidence putting individuals’ fingers on keyboards must be collected abroad.”

The paper says the combination of an education system that emphasizes math and science, economic collapse, and a weak private sector has turned Russia, in particular, into a “hacker haven.” Better get to stepping on that Silicon Valley of Moscow before things really get any worse.

Follow Nitasha Tiku on Twitter or via RSS. ntiku@observer.com