MySpace Phishing Attack Leads Users to Zango Adware

An anonymous reader writes "Security site Spywareguide.com reports that a new worm is doing the rounds on MySpace. Taking advantage of the HREF feature in Quicktime movies, a fake login bar is displayed on infected users profiles via some JavaScript coding. If you login (via one of the many hacked servers hosting the JavaScript and movie file) you'll find you start spamming messages containing a pornographic movie. That movie leads to a site that's pushing Zango Adware left, right and center. Is this more evidence that Zango has yet to clean up their affiliate networks?"

Re:What idiot at Apple put that in?

[Lars+T.]

Well, it sure seems to be necessary for playing certain types of movie files. Perhaps our friends at Apple should separate the movie playing part out, so those of us who don't care about playing interactive QuickTime files can avoid security holes like this one. Why exactly should Apple do that? Any decent programmer could write one themself. But obviously there aren't any in the Windows camp.