MySpace malware poses as Windows update

By on January 15, 2008, 11:00 AM
MySpace users have yet another concern to keep them on the lookout: a bogus profile on the popular social networking site is being used to push a new malware attack. According to McAfee, the attack starts as a friend request that, when clicked on, pops up what appears to be a legitimate Automatic Update window.

In reality, the popup window is just part of a larger image that takes up most of the computer screen. By clicking anywhere on this image the browser will attempt to download a “malware cocktail” that McAfee believes to consist of additional downloaders, several Trojans and a remote administration tool. According to McAfee, this attack has worked because hackers have either discovered a flaw in the MySpace code or found a way to take over user accounts.

This isn’t the first time MySpace profiles have been targeted by hackers to distribute their malware. In November 2007, hackers found a way to serve up malicious code from the MySpace profiles of Alicia Keys and a number of other artists.

User Comments: 4

Got something to say? Post a comment
phantasm66 said:
This is where its all going, malware wise: social networking malware, and malware that looks like its from a trusted source.Worms and suchlike involving facebook, myspace, bebo, etc are going to become very common, especially once these sites get compatible, open source APIs.
Nic said:
I got this one today, and I don't even have a MySpace profile ...
Julio said:
The trend I believe is not only in the medium but in the fact that malware writers are "evolving" in order to follow the masses where a majority of unaware users may click and get infected without knowing it.It's a pain I know, but a large share of users still inadvertently click on stuff that pops up on the screen.
madmantm said:
Hey show this to your kids and others who use myspace.[url]
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.