Home Page ContentPress Releases Facebook ‘Koobface’ Malware Gang Unmasked – Sophos releases exclusive research

Facebook ‘Koobface’ Malware Gang Unmasked – Sophos releases exclusive research

by david.nunes

Facebook ‘Koobface’ Malware Gang Unmasked – Sophos releases exclusive research


Investigation uncovers identities of the alleged perpetrators


Singapore. January 18, 2012 – Following media reports yesterday that Facebook has identified five people as responsible for the Koobface worm, IT security and data protection firm Sophos releases its independent and exclusive research into the Koobface gang, identifying the same alleged perpetrators as Facebook: Anton Korotchenko, Alexander Koltyshev, Roman Koturbach, Syvatoslav Polinchuk, and Stanislav Avdeiko.


SophosLabs malware expert Dirk Kollberg and independent researcher Jan Droemer worked with an extensive team across the industry. In this exclusive, Droemer and Kollberg share a wealth of findings, including the perpetrators’ nicknames, online activities, physical locations and business dealings:



Koobface (an anagram of “Facebook”) spreads via social networking sites, infecting PCs and building a botnet of compromised computers. It is so sophisticated it can even create its own social networking accounts, so that it can aggressively post links helping it to spread further.


The creators of Koobface, whose names have not been public until today, earn millions of dollars every year by compromising computers.


Droemer and Kollberg’s research took place between October 2009 and February 2010, but the authorities requested that it be kept confidential to allow them the necessary time to build a case.


“It’s an incredible detective story of tireless investigation, which involved scouring the internet, searching company records and taking advantage of schoolboy social networking errors made by the suspected criminals, their friends and family. We know the gang’s names, their phone numbers, where their office is, what they look like, what cars they drive, even their mobile phone numbers.”  said Graham Cluley, senior technology consultant at Sophos.  “Now we have to wait and see what, if any, action the authorities will take against the Koobface gang.”


Much more information, including images, is available in this extensive online report:





About Sophos      

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry’s lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network access control solutions backed by SophosLabs – a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.


Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.


Related Articles

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More