x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Koobface.HU

Threat LevelLow threatDamageHighDistributionNot widespread
Common name:Koobface.HU
Technical name:W32/Koobface.HU.worm
Threat level:Medium
Alias:Net-Worm.Win32.Koobface.csr,
Type:Worm
Effects:   It spreads and affects other computers. It generates a large amount of network traffic activity with the consequent consumption of bandwidth. It uses stealth techniques to avoid being detected by the user. It spreads , through instant messaging.
Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Jan. 21, 2010
Detection updated on:Feb. 22, 2010
StatisticsNo

Brief Description 

    

Koobface.HU is a worm that spreads by copying itself, without infecting other files.

 

  • In the local network: it generates a large amount of network activity and consumes bandwidth.

 

It uses stealth techniques to avoid being detected by the user:

  • It uses techniques included in its code to hide itself while it is active.
  • It deletes the original file from which it was run once it is installed on the computer.

 

Koobface.HU uses the following propagation or distribution methods:

  • Exploiting vulnerabilities with the intervention of the user: exploiting vulnerabilities in file formats or applications. To exploit them successfully it needs the intervention of the user: opening files, viewing malicious web pages, reading emails, etc.
  • Instant messaging: it sends links pointing to a copy of itself to all users included in the infected user's contacts list.