Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The notorious Koobface malware has begun using Google's Reader service to spread further.
Researchers say that the new attack uses spammed messages which send users to the compromised pages on the Reader service. When the user clicks on a fake video embedded in the page, traffic is diverted to another site which attempts to run a remote exploit and malware installation.
Trend Micro senior security adviser Rik Ferguson noted that the attacks provided a slight variation on the Koobface attacks which surfaced earlier this year. The company estimates that some 1,300 accounts have already been compromised.
"Cybercriminals are taking advantage of Google's credibility by hiding their malicious links behind Google Reader," Ferguson said.
"This is a new twist on the familiar Koobface infection routine where victims are asked to install Adobe Flash updates in order to view a video which appears to be shared on the Google Reader website."
The Koobface worm and its associated botnet have gained notoriety in security circles for its longevity and history of targeting social networking sites. First surfacing in 2008 within MySpace and Facebook, the worm later resurfaced in 2009, this time targeting Twitter users.