Slashdot Mirror


MySpace Phishing Attack Leads Users to Zango Adware

An anonymous reader writes "Security site Spywareguide.com reports that a new worm is doing the rounds on MySpace. Taking advantage of the HREF feature in QuickTime movies, a fake login bar is displayed on infected users' profiles via some JavaScript coding. If you log in (via one of the many hacked servers hosting the JavaScript and movie file) you'll find you start spamming messages containing a pornographic movie. That movie leads to a site that's pushing Zango Adware left, right and center. Is this more evidence that Zango has yet to clean up their affiliate networks?"

  1. Sigh by 0123456 · Score: 5, Insightful

    I remember the days when a movie file was... a movie file. What kind of idiot lets people access the web or, worse, run Javascript, from a bloody movie?

    1. Re:Sigh by suv4x4 · Score: 3, Insightful

      Well, at least it'll get fixed now...

      It won't get fixed because it's not a bug. Face the reality: the only way to "fix" phishing attacks is by taking away the computers of everyone.

      Phishers just concentrate on the easiest method available. You take it away: they find another method. They don't need scripting at all.

  2. systems prone to this? by Anonymous Coward · Score: 1, Insightful

    Pardon my ignorance, but is this a problem for Windows users only? Or Mac too? Linux? Or is JavaScript the problem (making any system vulnerable)?

    1. Re:systems prone to this? by Neil Hodges · Score: 2, Insightful

      There's no way that's true; the Zango adware itself is written for Windows and thus would never be installed on other operating systems. The ads themselves, however, would still come.

  3. Quicktime is the problem? by Ark42 · Score: 5, Insightful


    Sounds like MySpace is the problem here.

    To summarize, I think that the situation goes like this: A user places a movie file on their page manually to start with. People visiting that page view the movie which loads a link containing JavaScript. The JavaScript modified that MySpace user's profile to include the movie somehow.

    Why do you even need a movie for this to happen? Why can JavaScript just change an entire MySpace page around? It sounds like the entire problem here is that MySpace users get too many customization abilities over their pages. A simple onload="infectuser()" JavaScript line would seem to me like it could accomplish the same worm effect.
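
The last comment's point, that user-editable profile markup should not be able to carry script, shown as an added example (not from the thread and not MySpace's code): an allowlist sanitizer for user-supplied profile HTML. The tag and attribute policy, the function names and the sample markup are assumptions constructed for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Assumed policy for illustration: tags a profile may keep, and their attributes.
ALLOWED = {"a": {"href"}, "b": set(), "i": set(), "p": set(),
           "br": set(), "img": {"src", "alt"}}
DROP_WITH_CONTENT = {"script", "style", "object", "iframe"}  # non-void containers
VOID = {"br", "img"}

def safe_url(value):
    # Browsers ignore whitespace and control characters in a scheme, so strip
    # them before checking; only absolute http(s) URLs are accepted.
    cleaned = "".join(c for c in (value or "") if c > " ")
    return cleaned.lower().startswith(("http://", "https://"))

class ProfileSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1
        elif not self.skip and tag in ALLOWED:  # other tags (embed, body) vanish
            kept = [(n, v or "") for n, v in attrs
                    if n in ALLOWED[tag]        # drops onload=, style=, ...
                    and (n == "alt" or safe_url(v))]
            attrs_out = "".join(f' {n}="{escape(v, quote=True)}"' for n, v in kept)
            self.out.append(f"<{tag}{attrs_out}>")

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in ALLOWED and tag not in VOID:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data))  # text is re-escaped, never trusted

def sanitize(markup):
    parser = ProfileSanitizer()
    parser.feed(markup)
    parser.close()
    return "".join(parser.out)

# Constructed sample profile markup (not taken from the worm).
SAMPLE = ('<img src="https://example.invalid/a.png" onload="infectuser()">'
          '<embed src="http://example.invalid/movie.mov">'
          '<a href="java&#115;cript:infectuser()">login</a>'
          '<script>infectuser()</script><b>hi</b>')
```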