In association with heise online

04 December 2006, 08:16

Worm wriggling through MySpace

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Unknown phishers have taken advantage of the Javascript support in Apple's Quicktime Player to spy on IDs and passwords for users of the MySpace online community. Simply viewing a Quicktime video, planted by the phishers, will infect the user's own MySpace profile.

The security vendor Websense reports that the infection is only evident upon close inspection. One effect is that the uppermost menu bar is replaced by one containing links to the phishing site. This brings users to a login screen designed to mimic the authentic MySpace login. Every other MySpace user who surfs to the infected profile is then also infected by the worm. Another identifying characteristic is an empty Quicktime video in the header of the MySpace page.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit