MySpace Shuts Down User Profiles Due To Worm Infection

fyi


http://www.informationweek.com/security/showArticle.jhtml?articleID=196601356

MySpace Shuts Down User Profiles Due To Worm Infection 
A worm directed victims to a phishing site where they were asked to type 
in their user name and password, a security firm said.
By Antone Gonsalves,  InformationWeek 
Dec. 4, 2006 
URL: 
http://www.informationweek.com/story/showArticle.jhtml?articleID=196601356 


MySpace over the weekend shut down hundreds of user profiles that had been
infected by a worm that directed victims to a phishing site where they
were asked to type in their user name and password, a security firm said.

As of Monday, all infected profiles on the popular social network had been
taken down, Websense said. Out of the half-dozen phishing sites used in
the attack, only one remained operational.

The worm, which was discovered Friday, exploited the JavaScript support
within Apple Computer's QuickTime player, which can be embedded in MySpace
user profiles. The vulnerabilities were used to replace the legitimate
links on MySpace profiles with links to the phishing site.

People logged into MySpace could have their profiles infected by simply
visiting an infected profile. The malicious code was able to find
visitors' profiles through cookies in the victims' browsers, said Dan
Hubbard, VP for security research at Websense. Besides changing links, the
worm also embedded the infected video in victims' profiles.

People redirected to a phishing site were asked for their MySpace user
name and password. Such information could be useful to gain access to a
person's personal social network, making it easier to launch more
malicious attacks by posing as the victim in instant messages, Hubbard
said.

In October, MySpace had 49 million unique visitors, according to
Nielsen/NetRatings. The worm infection isn't the first for the site, which
has been attacked in the past by scripts with similar methods of
spreading.

In July, a worm spreading through the site embedded JavaScript code into
profiles that redirected visitors to a site claiming the U.S. government
was behind the 9/11 terrorist attacks.

Received on Wednesday, 6 December 2006 18:25:20 UTC