Beware of New MySpace Malware
Security Watch is reporting a new MySpace security issue that could reasonably make someone’s day unhappy. The idea behind the hack is to send an authentic looking patch from Microsoft to a person’s computer, once they have clicked on a link to view a person’s profile.
Once installed and run, it opens a back door on the compromised machine and proceeds to download more down loaders, Trojans and a remote control tool from multiple servers. The downloaded files are coming from servers located in Malaysia and the Ukraine. McAfee has notified both MySpace and Microsoft but, at the time of writing, the booby-trapped MySpace profile was still live and serving up the malicious file. Source: Security Watch
Always fun, and yet another reason to be careful when using social networks anywhere, not just at home but on the corporate networks as well.
When the article was published, MySpace had not fixed the issue, odds are very likely that they will be doing so in the future if not today as news gets out. The problem is in distribution of information, not everyone who uses MySpace reads cool security blogs or security news sites. Odds are most likely that there are going to be a significant number of people running around with compromised computers.