MySpace.com is under what one computer security analyst calls an "amazingly virulent" attack caused by a worm that steals login credentials and spreads spam that promotes adware sites.
Close to a third of MySpace users were infected. MySpace.com is estimated to have at least 73 million registered users.
The worm exploits a weakness found around two weeks ago in MySpace and a feature within Apple's QuickTime multimedia player.
The exploit starts with a user who visits a MySpace profile infected with an embedded QuickTime movie. The movie loads JavaScript code that overlays a row of menu options on a MySpace profile with a bogus menu. If an option in the bogus menu is clicked, the user is directed to a fake login page hosted on another server where the person's login details are captured.
Full Story
No comments:
Post a Comment