MySpace malware poses as Windows update

By on January 15, 2008, 11:00 AM
MySpace users have yet another concern to keep them on the lookout: a bogus profile on the popular social networking site is being used to push a new malware attack. According to McAfee, the attack starts as a friend request that, when clicked on, pops up what appears to be a legitimate Automatic Update window.

In reality, the popup window is just part of a larger image that takes up most of the computer screen. By clicking anywhere on this image the browser will attempt to download a “malware cocktail” that McAfee believes to consist of additional downloaders, several Trojans and a remote administration tool. According to McAfee, this attack has worked because hackers have either discovered a flaw in the MySpace code or found a way to take over user accounts.

This isn’t the first time MySpace profiles have been targeted by hackers to distribute their malware. In November 2007, hackers found a way to serve up malicious code from the MySpace profiles of Alicia Keys and a number of other artists.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.