New MySpace Phishing Attack
It begins with a Quicktime file being embedded in a Profile page. If the user "runs" the file (simply visiting the infected page is enough to trigger the attack in most cases), it uses the HREF function to activate some javascript. http://www.apple.com/qu...
When this happens, the profile page is "infected" and pastes a fake overlay of options onto the profile page - the most serious of which is (of course) the fake login button. If your page has been affected, you will see a strange, blue navigation bar on your page. If this is the case, you will need to clean out your profile and check if any of your friends have also been infected - if they are, you will continue to be reinfected...most likely via the friends list itself. We have seen reports of users complainiing that even when they've removed the fake navigation bar from their page, it comes right back if one of their friends is infected - so it looks like the friends list is being exploited in much the same way the Orkut worm used a similar feature to spread. Except in this case, the only option to fix the problem is get your friend to remove the infection code from their page, or remove your friend from your list indefinitely.
12 votes
