PandaLabs has warned of the appearance of several malicious codes that are using MySpace pages to spread.
Cybercrooks want to distribute their creations to as many users as possible. That’s why they use networks that attract millions of
Internet,explains Jeremy Matthews, CE of Panda Software South Africa.
Most of these malicious codes are Trojans, like the dangerous FireByPass. BA which captures confidential information entered or saved by users on computers. This and other Trojans found in MySpace use rootkit techniques to hide their processes, making them even more dangerous.
The first attack against social networks started in 2005, when a MySpace user created a worm (detected by Panda Software as MySpace.A) that allowed them to add a million entries to their contact list.
In 2006, a worm was created that used MySpace’s user profiles to spread. The worm infected everybody that visited a certain user profile. Around that time, an advertising banner in MySpace exploited a Windows Metafile vulnerability to infect over a million users with spyware. Soon after, a worm was discovered at MySpace that inserted Java script in user profiles. When somebody tried to visit some of those profiles, they were redirected to a webpage that blamed the U.S. government for the 9-11 attacks.
The most serious case took place in 2007. The attackers exploited a feature of Apple’s QuickTime player to spread a worm in files that tried to pass themselves off as movies. Users that tried to view them became infected. In addition, the worm modified profile headers so that all of them pointed to a fraudulent website. This was a spoofed version of MySpace’s official site for stealing user names and passwords. This worm was also designed to send spam massively to all the contacts of infected users.
To know whether any of these malicious codes has infected your computer, you can use Panda Software’s online tools, available at http://www.infectedornot.com/.
