
Worm Attacks MySpace.com

Medea

Golden Member
MySpace has been reportedly infected with a worm that directs users to a phishing site that steals the login-id and password to spread spam promoting adware sites.

The worm spreads by exploiting the JavaScript support within Apple's QuickTime multimedia player. The JavaScript code then overlays the menu options on a MySpace profile with a bogus menu. When the user clicks any option on the bogus menu, he/she is directed to a fake log-in page hosted on another server, where his/her log-in details are captured.

Not only does the worm replace legitimate links on MySpace user profiles with links to the phishing site, but it also manages to root infected videos into the victims' profiles.

http://www.techtree.com/India/News/Worm_Attacks_MySpacecom/551-77648-643.html
 
There needs to be a "Limited account" mode on MySpace, where you're logged in and can view profiles, and yet the power to modify your profile is locked away. What a concept, huh?

Several of my friends and their friends got hit, and my profile potentially would've been infected too, except that 1) I don't have QuickTime installed, and 2) by the time I logged in, I think Kaspersky had virus defs that recognized the exploit.
 
Not the first time that's happened 😛 I remember a while ago somebody wrote a javascript worm that added thousands of people to his friends list automatically.
 
Originally posted by: Schadenfroh
Interesting..... a worm that uses a security exploit within an Apple product to infect windows machines.

I love it, don't you?
 
Nah, what MySpace needs is a setting where you can remove all the fluff from user pages. Personally, I really dislike all the crud people put on their pages and I'd be more than pleased just reading the text and viewing pictures. I dislike having multiple YouTube videos loaded on one page, about 5 swf's going at once with an animated gif background. Ugh, it's enough to make a grown geek cry.

My MySpace... simple, no "fancy" junk and uses the default style 😛
 
@ Schadenfroh:
Agreed - that's what made it grab my attention.

@ mech:
People don't seem to understand how dangerous it is to surf the Net using an acct w/admin privileges. Vista should change that since it's my understanding that the default user is a limited acct.

Update:

MySpace on Tuesday night began distributing a temporary fix for an Apple QuickTime vulnerability affecting users of the popular social networking site.

The patch, not hosted by Apple, addresses a flaw related to JavaScript support functionality in the QuickTime video player. Attackers can exploit the feature to launch a blended cross-site scripting attack that, if successful, steals users' log-in credentials and installs adware on their machines.

Last night, MySpace members using Internet Explorer and running QuickTime received a message from the site's founder Tom Anderson. When users sign up, "Tom" automatically becomes their friend.


http://www.scmagazine.com/us/news/artic...releases-temporary-quicktime-flaw-fix/
 
@ mech:
People don't seem to understand how dangerous it is to surf the Net using an acct w/admin privileges. Vista should change that since it's my understanding that the default user is a limited acct.
The worrisome thing about this one is that it looks like it would work even when I'm using a Limited account, if I had QuickTime installed. The problem appears to be at MySpace's end; they should set up a secondary authentication (maybe a CAPTCHA) to challenge any attempts to send messages, post bulletins or modify one's profile.

That said, I sure look forward to Vista curing increasing numbers of people of Administrator Syndrome. The bad guys aren't going to like it very much :evil:
 