Koobface (an anagram of Facebook) was spread through the social network site and invited users to click a link through to a sexy or funny video.
When people did so, it informed them they needed to update their Adobe Flash player and then bombarded infected computers with adverts for fake anti-virus software, which earnt the creators money.
The worm was even able to create fake social networking profiles able to propagate the malware.
Facebook, alongside security firm Sophos, conducted a three-year investigation into the men and has named and shamed them in posts this week.
Sophos says it shared the investigation material, as well as information on how to best defend against the virus, with the larger security community.
Despite the identities of the Koobface distributors being known to law enforcement officials, the men live comfortable lives, which include expensive holidays to places like Bali, Monte Carlo, and Turkey, according to messages and photographs posted online.
‘The creators of Koobface, whose names have not been public until today, earn millions of dollars every year by compromising computers,” Sophos said in a statement.
While Facebook has tightened its security, it says the goal is to enable sites still targeted by Koobface to more adequately protect their users.
“We will stay firmly committed to our work with law enforcement in stopping these threats and bringing the bad guys to justice,” Facebook said in a statement.
“Cybercrime involves and impacts real people, and we praise those in the security community for coming together to expose those who have broken the law.
“We are confident that our work in identifying those responsible will put a significant dent in their ability to harm those online and lead to a safer internet for all.”
