"Botnet operators, such as those behind Koobface, do make mistakes," said Nart Villeneuve, chief research officer for SecDev, who led the research project.
"Information sharing and persistent monitoring can uncover the details of botnet operations. Therefore, it is important that the law enforcement and security community continue to share information and work closely together," he said in a blog.
Koobface has used social networks to spread and is known to be one of the most sophisticated pieces of malware circulating the web today.
The masterminds behind Koobface, also known as Ali Baba and 40 LLC, used it to send messages containing malicious links over the likes of Facebook.
The links took victims to fake YouTube pages where they were encouraged to download malware with temptations such as a software upgrade.
Koobface was running through a massive number of accounts, including 500,000 fake Google blogger and Gmail accounts set up by the botnet. Typically botnets will use infected machines to set up these fake accounts.
A total of 20,000 fake Facebook accounts were also used by Koobface - itself an anagram of Facebook - to spread the malicious messages.
Both Google and Facebook have been contacted by the researchers, who informed the tech giants about a number of fraudulent accounts.
Last month, researchers discovered a Mac version the Koobface worm for the first time.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
Latest Meta GDPR fine brings 12-month total to more than €1 billionNews Meta was issued with two hefty GDPR fines for “forcing” users to consent to data processing
-
"Unacceptable" data scraping lands Meta a £228m data protection fineNews The much-awaited decision follows the scraping of half a billion users' data and received unanimous approval from EU regulators
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomwareNews The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
-
Meta notifies around 1 million Facebook users of potential compromise through malicious appsNews The vast majority of apps targeting iOS users appeared to be genuine apps for managing business functions such as advertising and analytics
-
Beating the bad bots: Six ways to identify and block spam trafficIn-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
