MySpace
Malicious MySpace profiles are hosting a new malware attack
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

MySpace page pushes fake Microsoft update

Dodgy profile hosting 'malware cocktail'

Shaun Nichols in California, vnunet.com 14 Jan 2008
ADVERTISEMENT

A bogus profile on MySpace is being used to push a new malware attack.

Researchers at McAfee found malicious pages on the social networking site which spawn pop-up windows attempting to spoof Microsoft's automatic update service.

The pop-up tells the user that an official update, identified as 'updateKB890830.exe', is ready to be installed.

The attacker has further tried to confuse users by using a URL which includes 'winxpupdate.microsoft' in the address.

A McAfee spokesperson told vnunet.com that the software is "a true malware cocktail".

A remote-control tool and several Trojan programs attempt to download other malicious packages. The various downloads have been traced to servers in China, Malaysia and Ukraine.

McAfee said that the malicious profiles were still active on Friday afternoon, and that MySpace and Microsoft had been notified of the incident.

The security firm recommends users not to accept friend requests from unknown parties, and to avoid visiting suspicious profiles.

This is not the first worm to spread via MySpace. In late 2006 a flaw in QuickTime was used to launch a phishing attack which altered user profiles and hijacked friend lists.

See also:

Cambridge admissions tutor checks Facebook
'Discreetly' checking up on new applicants  11 Jan 2008
Police subpoena MySpace over Meier suicide
Wire fraud laws may have been broken  10 Jan 2008
Predictions for 2008
Cyber-gangs gear up for 2008
Let's be careful out there  24 Dec 2007
Facebook
Facebook backs down on Beacon plans
Service won't tell your friends what you buy  03 Dec 2007

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Senior C# Agile Web Developer, Online Gaming, London
| Aston Carter
Senior C# Agile Web Developer, Online Gaming, London My Client provides adult customers with high quality gambling and gaming services in an environment that is convenient, entertaining, fair, regulated and secure. My Client is one ... more >
EMC, NetApps, West London, Media
| Aston Carter
EMC, NetApps, West London, Media • NetApps FAS ... more >
Data Analyst / Trafficker / MI Analyst / Information Analyst - Online Gaming Company
| Abraxas
Data Analyst / MI Analyst – Leading Online Gaming Company A Data Analyst / Trafficker is sought by a leading online gaming company. The role encompasses all aspects of online advertising including data handling, communicating ... more >
Power Electronics- Field Applications Engineer-55K Package
| JAM Recruitment
Field Applications Engineer Power Electronics/Supplies Europe/Based Surrey Permanent Position £35-45k Basic+Bonus 10-15%+Car/Car allowance A global organisation involved with the design and development of power supplies actively requires a Field Applications Engineer to strengthen it existing ... more >
More job opportunities
Accountancy Age
Active Home
Best Practice
Computeractive
Computing
Computing Business
CRN
Financial Director
Infomatics
Information World Review
IT Week
Management Consultancy
Network IT Week
Personal Computer World
PC Magazine
VNU Web seminars
vnunet.com
Webactive
What PC?
Useful links: About vnu network | Privacy policy | Terms & conditions
Access keys | Top of page | Feedback
VNU Business Publications
© 1995-2008 All rights reserved
VNU Business Publications Ltd., 32-34 Broadwick Street, London, W1A 2HG, is a company registered in England and Wales with company number 01513633
part of part of vnu.net europe