QuickTime worm spreading on MySpace

Posted on Tuesday, Dec 05 2006 @ 14:57 CET by Thomas De Maesschalck
Security experts warn for a new worm on MySpace that uses QuickTime to spread.
The video is a rigged QuickTime file that exploits a MySpace vulnerability and support for JavaScript in Apple Computer's embedded media player, Web security firm Websense said in an alert posted on Friday.

When played by a MySpace user, the video adds itself to the user's MySpace page and replaces the links on the user's profile with links to phishing Web sites, Websense said. Phishing sites are fraudulent sites that attempt to trick people into giving up sensitive information such as log-in credentials.

A MySpace representative on Monday said she could not immediately comment on the worm.
Update: A patch can be download at MySpace.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments