Websense Security Labs has confirmed the existence of a worm spreading on the MySpace network. This worm is exploiting the JavaScript support within Apple’s embedded QuickTime player. This is used in conjunction with a MySpace vulnerability that was announced two weeks ago on the Full-Disclosure mailing list. The vulnerabilities are being used to replace the legitimate links on the user’s MySpace profile with links to a phishing site.
Once a user’s MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways. The links in the user’s page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user’s site. Any other users who visit this newly-infected profile may have their own profile infected as well.
An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, or both.
More info and screenshot: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=708
F-Secure Virus Information:
Name: JS/Quickspace.A
Type: Worm
Category: Virus
Platform: JS (JavaScript)
More info: http://www.f-secure.com/v-descs/js_quickspace_a.shtml
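The two indicators named in the alert (an embedded QuickTime movie, and header links that no longer point at the site) can be checked in saved profile HTML. The following is an added example, not code from Websense, F-Secure or MySpace; the header container id, the trusted host name and both sample pages are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

SITE = "myspace.com"   # assumption: header links are expected to stay on this host
HEADER_ID = "header"   # hypothetical id of the profile's header container

class ProfileScanner(HTMLParser):
    """Collects QuickTime embeds and header links that leave SITE."""
    def __init__(self):
        super().__init__()
        self.div_depth = 0        # nesting depth inside the header <div>; 0 = outside
        self.quicktime = []       # src of every embedded QuickTime movie
        self.offsite_links = []   # header hrefs whose host is not SITE or a subdomain

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "div":
            if self.div_depth or a.get("id") == HEADER_ID:
                self.div_depth += 1
        elif tag == "embed":
            src = a.get("src", "")
            is_mov = urlparse(src).path.lower().endswith(".mov")
            if a.get("type", "").lower() == "video/quicktime" or is_mov:
                self.quicktime.append(src)
        elif tag == "a" and self.div_depth:
            host = (urlparse(a.get("href", "")).hostname or "").lower()
            # Relative links carry no host and stay on-site. A host that merely
            # starts with SITE (a lookalike) is still treated as off-site.
            if host and host != SITE and not host.endswith("." + SITE):
                self.offsite_links.append(a["href"])

    def handle_endtag(self, tag):
        if tag == "div" and self.div_depth:
            self.div_depth -= 1

def scan_profile(html):
    s = ProfileScanner()
    s.feed(html)
    # Markup alone cannot show that a movie is "empty", so every QuickTime
    # embed is listed for review; either indicator marks the profile.
    return {"quicktime": s.quicktime, "offsite_links": s.offsite_links,
            "suspicious": bool(s.quicktime or s.offsite_links)}

# Constructed sample pages (not real MySpace markup).
CLEAN = ('<div id="header"><a href="http://home.myspace.com/">Home</a>'
         '<a href="/browse">Browse</a></div>'
         '<div><a href="http://example.org/">My band</a></div>')
INFECTED = ('<div id="header"><div>'
            '<a href="http://myspace.com.login.example.net/">Home</a></div></div>'
            '<embed src="http://media.example.net/clip.mov" type="video/quicktime">')
```
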
What, no smart MDN Take about how secure Apple software is?
I felt for sure there would be something like “Well that’s what happens when you view QuickTime movies from untrusted sources…”
Maybe myspace will die with vista….
Does this affect Mac OS X, Windows, or everybody because of the use of Java? And being as QuickTime is cross-platform, does that help as well? Strange days indeed. Most peculiar mama, Wow.
I’m insecure about how secure Apple software is.
If you never visit Myspace, then what’s the problem?
But if you actually read the F-Secure report it says, “….When you visit an infected page with IE…” Does this mean it’s actually an IE flaw? Since nobody uses IE on a Mac anymore (do they?) does it really matter?
Check it out at
http://www.f-secure.com/weblog/#00001038
Is there a cure?
Steve Jobs = God
God is punishing the heathens.
His message is clear, stay off of MySpace.
Hmm, this only infects MySpace profiles, but not any user’s computers. I wouldn’t exactly call this a security problem then. Next….
so when people visit the phishing site and enter their info it signs them up for dirty picture spam. don’t some people pay for those kinds of emails? does that make this a public service for some?
oh no… ‘cool new people’ will be infected… oh, noooooooooooooooooo…
So this is a Quicktime in IE issue?
my myspace pwnz hXc
Clearly someone wants to drive business to their security site. Check the two “Detection Methods” and “Prevention Methods” links. I have seen no clear description of exactly how it spreads and if it spreads via user interaction, then it’s something I don’t need to worry about.
I followed the link to GNUCITIZEN. So, is this a worm only because the kinds of people that use social networking sites are so starved for attention that they’d click on ANYTHING to make a connection to someone?
Seems like phishers have found ripe ground where the gullible congregate.
Clearly someone wants to drive business to their site. I have seen no clear description of exactly how it spreads and if it spreads via user interaction, then it’s something I don’t need to worry about.
So this is a Quicktime in IE issue?
Not only that but you must have a profile in MySpace and log in to it!
So, make it like this:
So this is a Quicktime in IE issue in MySpace profiles?
Note the word SPREADING like this is one of the common Winblows hits Melissa and ILOVEYOU…
Wake me when a Mac using OS X in a place other than an Anti-Virus Company research lab gets infected with a piece of malware.
Until then, STFU.
I guess since I’m old I must have also been wise to not create a My Space page.
Now everyone on Myspace can infect each other with computer viruses as well as sexually transmitted ones.
The cure is not to run Microsoft Internet Explorer.
No one with any sense has ever claimed that OS X is invincible, but I love it how some people jump with joy over news of a possible OS X security exploit, as though even a single bona fide OS X worm/virus proves that OS X is just as insecure as Windows. Beyond ridiculous!
This appears to be a phishing attack that alters (once allowed) the HREF track in Quicktime movies (and probably the HTML of the host’s page)-
“An HREF track is a special type of text track that adds interactivity to a QuickTime movie. HREF tracks contain URLs that can specify movies that replace the current movie, load another frame, or that load QuickTime Player. They can also specify JavaScript functions or Web pages that load a specific browser frame or window.”
– but I’ll wait for more info from more knowledgeable people.
I’m not a kid no more, so I don’t bother with MySpace.
Wow!
That didn’t take long to turn this around and blame Windows! You all always seem to surprise me!
It’s an IE issue because it comes through their browser. However, Apple makes the software that the worm spreads through….
So, it’s also a QuickTime issue.
Own up to it.