Worm Hits MySpace

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

http://www.informationweek.com/showArticle.jhtml?articleID=3D190500249&quer =

=BB  E-Mail
=BB  Print
=BB  Discuss
=BB  Write To Editor
=BB  Digg Worm Hits MySpace

The payload redirects users to another site and isn't malicious. But in
light of the social networking site's rapidly rising popularity, some
security watchers are wondering if a malicious worm is the next step.

By Gregg Keizer

Jul 17, 2006 02:17 PM

A worm spreading through MySpace is embedding JavaScript code into
users' profiles that redirects visitors to a site claiming the U.S.
government was behind the 9/11 terrorist attacks, a security company
warned Monday.

The unnamed worm isn't malicious, said Symantec researchers, but the
malformed Shockwave Flash (.swf) file containing the payload embeds
JavaScript into the profile of any MySpace user who views the .swf

"This script code would then be interpreted by any user who visited the
site, allowing sensitive data to be stolen, such as a hash value
required to carry out operations as a user," said Symantec. Currently,
that access is being used only to spread the JavaScript code to other
profiles on the popular social network site.

An independent researcher has dissected the .swf file and commented on
the code; his analysis is available here.

MySpace, which recently was dubbed the most visited site on the
Internet, has been attacked in the past by scripts with similar methods
of spreading, Symantec noted.

The Cupertino, Calif. security giant warned that this attack was just a
step away from something much more serious, in large part because of
the social network's rising popularity.

"If the payload were malicious, such as being used to carry out a
secondary attack involving one of the recently discovered patched or
unpatched vulnerabilities affecting Microsoft Office content, the
impact could [have been] extremely high," Symantec's warning went.

Last week, MySpace was used to spread adware created by Zango, the
company formerly known as 180solutions.

Site Timeline