Archive for November, 2006

MySpace Worm: Phishing Accounts and Spreading Zango Porn

November 30th, 2006 71 comments

Yesterday, a metric ton of MySpace accounts were infected with yet another worm. As I predicted ten days ago, it was accomplished via a QuickTime embed. Visiting the profile of anyone infected would cause the navigation links across the top of your profile (Home | Browse | Search | Invite | etc…) to be replaced by fake navigation links, via some basic CSS and HTML added to your “About Me” section. The fake links all pointed to a spoof MySpace login page. The QuickTime embed was also added to one of your “Interests” sections to further propagate this worm / phishing attack. At a glance, this looked like nothing more than that: a worm being used to phish MySpace passwords.

Categories: Adware, Code, Hacking, MySpace, Phishing, Worms, Zango

QuickTime Embeds: MySpace Spammers New Best Friend

November 20th, 2006 13 comments

After getting hit with the Flying Spaghetti Monster Worm (NSFW-ish link) and the 9/11 Worm, and after approximately a gazillion billion members were infected with adware by downloading some garbage after being auto-redirected to fake MySpace IM & Porn Sites, MySpace implemented their Flash 9 security update in July. Sure, this was a major blow to the legit companies who feed the MySpace beast with widgets, but at least it slowed down the MySpace-to-SpamSpace morph. Since that time, MySpace has been hit by a number of small worms that employed JavaScript workarounds, but those only required small patches to send them the way of the dinosaurs.

Now, spammers have found a new best friend: QuickTime embeds that auto-redirect to the URL of their choosing. This morning I logged into my MySpace and saw the following bulletin:

Title:
OMG!! UNLIMITED ringtones for ur phone!!!d0244

Body:
This site is a fukin ringtone GOLDMINE!!! I have no idea how they get away with this!!! Click on the link below to check it out!

http://profile.myspace.com/(url-truncated)&friendid=2a690aa49d

The bulletin was not posted by the owner of the account it was sent from. The spammer posted it from the owner's account after phishing him.

Categories: MySpace