How five members of the Koobface malware gang were unmasked

How five members of the Koobface malware gang were unmasked

According to the New York Times, Facebook is making public the names of the people it believes are responsible for the Koobface worm: a botnet which has helped its creators earn millions of dollars every year by compromising computers.

Koobface suspects

The five men are said to be involved in the Koobface malware gang, which has blighted millions of computer users.

Naked Security has great pleasure in being able to tell the in-depth story of how these individuals were identified as part of the Koobface gang, in a detailed investigation conducted by independent researcher Jan Drömer, and Dirk Kollberg of SophosLabs between early October 2009 and February 2010.

Read: The Koobface malware gang – exposed!

(Not familiar with Koobface? Here’s some background information you may find handy to read first.)

The names uncovered by the researchers are the same as those announced today.

It’s an incredible detective story of tireless investigation, which involved scouring the internet, searching company records and taking advantage of schoolboy social networking errors made by the suspected criminals, their friends and family.

The Koobface malware gang - exposed!

Koobface gangUp until now, Drömer and Kollberg’s research has been a closely-guarded secret, known only to a select few in the computer security community and shared with various law enforcement agencies around the globe.

At the police’s request we have kept the information confidential, but last week news began to leak onto the internet about Anton “Krotreal” Korotchenko – meaning the cat was well and truly out of the bag.

Now we have to wait and see what, if any, action the authorities will take against the Koobface gang.

Read: The Koobface malware gang – exposed!