Koobface worm resurfaces

Security experts are warning of an increase in activity of the infamous Koobface worm, which has prompted micro-blogging site Twitter to suspend infected accounts.

Koobface appeared almost a year ago, targeting mainly MySpace and Facebook accounts at the time, although it has since extended itself to Bebo, Tagged, Netlog and, most recently, Twitter.

Users are tricked by social engineering tactics into clicking on a link that downloads the worm.

The worm then sends out messages to the infected users' contacts containing more malicious links, and because the messages appear to come from a trusted source, those contacts are more likely to click through.

A few hours ago, Twitter posted a status update on its site stating that it would be suspending all accounts seen to be sending bogus tweets. "If we suspend your account, we will send you an email notifying you of the suspension," read the message.

"This email also includes tips for removing the malware from your PC."

Anti-virus firm Trend Micro also warned of an increase in Koobface activity.

"As of writing, there are a couple of hundred Twitter users affected by Koobface in the past few hours, but dozens more are being infected as we speak, " wrote threat researcher Ryan Flores on the company's blog.

"We advise Twitter users to refrain from clicking URLs on tweets, especially if the tweet advertises a home video."

In addition, anti-malware vendor Kaspersky Lab said it had seen an explosion of Koobface modifications throughout the month of June. The number of variants detected jumped from 324 at the end of May this year to almost 1,000 by the end of June, according to the firm.