TechSpot collecting confidential information, including password

By jobeard
Mar 20, 2007
  1. March 19, 2007 (Computerworld) -- A Trojan horse exploiting a flaw in Apple Inc.'s QuickTime that was patched two weeks ago is infecting users' computers, collecting confidential information, including passwords, several security companies said today.

    The attack is reminiscent of one late last year that plagued MySpace users and forced the popular social networking site to shut down hundreds of profiles.

    An Apple spokesman today said that the company patched QuickTime against the flaw in its March 5 security update. New versions for both Mac OS X and Windows were released that day.

    But apparently not every QuickTime user has updated to the patched Version 7.1.5; the most recent exploit again uses HREF to embed malicious JavaScript in a QuickTime movie posted on a MySpace page. When a user clicks to play the movie, the JavaScript Trojan horse -- which is hosted on an external site -- grabs personal information of the MySpace user.

    see the article
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...