Koobface hackers are easily found on Facebook, elsewhere
The attackers behind the Koobface worm are not doing much to cover their tracks, say security researchers with Facebook and several security firms. Hackers are living a comfortable life in St. Petersburg, Russia, and have been posting freely to social networking sites such as Facebook and Foursquare.
Facebook and law enforcement have reportedly known their identities for several years. At least one of the members of the gang has repeatedly broadcast the location of the group's offices via Foursquare, including pictures of members at work -- presumably spreading Koobface around the world.
Koobface has made this group quite a bit of money since its creation in mid 2008. The attackers made their money through tricking infected users into downloading faked antivirus software. At its height in 2010, Koobface and its variants may have been on as many as 800,000 PCs.
The apprehension of international criminals is difficult due to poor cooperation between the law enforcement entities of different countries, as well as a lack of resources in those countries to fight cybercrime. So companies like Facebook are taking on a different tact: public shaming.
Starting on Tuesday, Facebook plans to start sharing the identities of the Koobface hackers with security researchers and other Internet companies. The company has already shared the identities of those responsible to law enforcement. Why law enforcement has so far failed to apprehend those responsible is not clear -- it probably has to do with those aforementioned issues -- the FBI failed to respond to requests for comment.