MySpace Still Plagued By QuickTime Worms After Botched Up Patch Attempt
For the love of strippers and one dollar bills, you would think that the QuickTime mess over at MySpace would be over by now. Well, it’s not. Here we are with a new QuickTime worm over 30 days after MySpace and Apple completely botched up their security patch effort, which resulted in a goofy blame game and MySpace Tom getting Pwned. About the only thing it didn’t result in was a patch that actually worked. The kicker about this “new” worm is that it’s anything but new. It’s using the exact same JavaScript as the last worm.
How do you know it’s the same JavaScript???
Because it still has comments in the code made by Billy Hoffman of SPI Dynamics from when he posted it.
Meaning exactly what?
The lamer behind this worm swiped the code from a site whose purpose in posting it was to “learn more about these types of worms and help other online applications and communities protect themselves”. In all fairness to Billy Hoffman and crew: they didn’t even post the code until after MySpace had supposedly patched the issue.
To add even more unoriginality to this worm, it added some text to the Hero section of everyone who got infected:

Sorry Nathan, but you ain’t no Samy. Adding a couple snippets of code and removing a few from someone else’s scripting doesn’t make you a super hacker genius. It does make MySpace look like total retards though. lolz
As of right now, this worm has been neutralized by MySpace. They added the URL the files are currently sitting on to their filter list (crosssiterequest.somee.com). Of course, they had just finished getting all those files pulled from a free 110mb.com hosting account. So, this kid will likely just keep jumping from free host to free host with this crap.
“MySpace Still Plagued By QuickTime Worms”
Yeah, I put that “s” in the title of this post on purpose. This isn’t the first “new” worm I’ve noticed on MySpace. They had one going around that added “Anthony G is my Hero” with the “G” linked to a MySpace profile. And, another one that was/is changing people’s display names. And, and, and… I haven’t been on MySpace much lately, but I’m sure there have been others.