Hackers Target MySpace and Facebook
Stony Stevenson writes "The security firm Fortify Software has warned against a series of attacks against Facebook and MySpace. Buffer overflows that enabled hackers to exploit the Aurigma ActiveX image uploading software used by social networking sites were at the heart of the assault. 'Criminal hackers now view social networking sites as their best target for attacks ... [partially because] such sites are designed to be usable by "unsophisticated" consumers, meaning that the barrier to entry for attacks is potentially lower as users are more likely to click on a link that leads to malware.'"
Lulz[myspace.com] has written a pretty good MySpace blog entry
... I have stripped out the first "
.testnav { position:absolute; top: 136px; left:50%; _top: 146px
... FOR NOW!
.mov files.
[myspace.com] about this, along with some protection and removal instructions if needed(in the
comments and in my post also). One of this guy's hobbies is exposing
MySpace scammers. He actually predicted about a week ago that an
exploit like this would happen. Friend him if you have a MySpace. I
can't tell who came up with this information first, Lolo or these guys
but Lolo may have gotten there first. Either way you need to read his
blog posts if you use MySpace...
Please note that you can be infected by this virus by simply viewing an infected profile. It doesn't matter what browser you use, I was using Firefox 2.0 with AdBlockPlus and a decent filterset updater and was infected. I DO NOT believe it steals your password without going to the fake login page. So if your profile gets infected you are probably fine simply removing it
Here's how to prevent it:
Use the FIND command or CTRL F to find the word LOGIN.
It starts with this line of code
style type="text/css"
div table td font { display: none }
div div table tr td a.navbar, div div table tr td font { display: none }
The code was at the very end/bottom of my ABOUT ME section.
It then continues with an obvious line of code for the menu choices. I stripped out the code and the page is fine
To truly protect yourself you need to adblock the offending Quicktime object - or better yet all