Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: MySpace QuickTime Worm - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MySpace QuickTime Worm
Juha-Matti has sent us some information regarding malicious codes spreading on MySpace network using Javascript support within Apple's embedded QuickTime player. Websense has also confirmed this.

Extracted from Websense writeup:

Once a user's MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways. The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well.

An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, or both.

More details:
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=708
http://www.neowin.net/index.php?act=view&id=36299
http://www.neowin.net/forum/index.php?showtopic=517166

Koon Yaw

68 Posts

Sign Up for Free or Log In to start participating in the conversation!