.
MySpace Virus
12/06/06
.
(punkbands) Websense Security Labs has confirmed the existence of a worm spreading on the MySpace network. This worm is exploiting the Javascript support within Apple's embedded QuickTime player (1). This is used in conjunction with a MySpace vulnerability that was announced two weeks ago on the Full-Disclosure mailing list (2). The vulnerabilities are being used to replace the legitimate links on the user's MySpace profile with links to a phishing site.

Once a user's MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways. The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well.[see full story for more] - Click here for the Full Story

Note: The preceding story contained only the highlights of the full story published by punkbands, if it was followed by a message to see the full story. To read the entire story click on the link following the story.

Additionally, if you wish to comment on this story, please use the Fan Speak area below.

Click here to return to the full Day in Rock report for 12/06/06

antiMUSIC News featured on RockNews.info and Yahoo News

.