Pink Floyd Virus Spreads via Social Networking Site of China

Security researchers at Sophos inform that malware creators have made a cross-site scripting computer worm that is circulating on a Chinese social networking website 'renren.com' (previously known as Xiaonei Network). This popular website has strong user base of almost 40 Million members.

The worm known as 'Pinkren-A' presents itself as a video clip of "Pink Floyd's Wish You Were Here." It comes with messages forwarded to renren.com users. The very first line of the worm is a welcome greeting - "I'm not a malicious worm." Selecting the messages lead to the installation of harmful JavaScript which further spreads the infection.

Boris Lau, Researcher at Sophos, states that the method used to spread this virus exploits a plain XSS vulnerability in the website along with a payload that contains a flash component. It has AllowScriptAccess="always" that enables the above non-malicious JavaScript to circulate the worm through renren.com's API, as per the news by THE REGISTER on August 25, 2009.

Initial analysis suggest that Pinkren-A just spread on Facebook and similar websites without causing anything more harmful.

Security experts further state that XSS vulnerabilities are not something new on social networking websites and have been an effective way to circulate malware. The same methods were used by the Mikkey viruses that spread quickly on microblogging website "Twitter" earlier this year (2009) and by an Orkut virus in 2008. Orkut is not very popular in Europe or the US, but it has large user base both in Brazil and India.

Commenting on the attack vector, security researchers at Sophos stated the number of attacks on social networking websites has been rapidly growing. A latest report released by Sophos called "Sophos Security Threat Report" has revealed that the cyber criminals have changed the focus of attacks on social networking websites, using them first to recognize the potential victims and then targeting them both at home and work.

In Sopho's view, Web 2.0 companies are paying a great attention on extending their user base at the cost of effectively securing their present customers from web threats.

As a result, users are recommended to take further measures while taking participation in these online communities.

Related article: Pinch to Create Information-stealing Trojans

» SPAMfighter News - 9/7/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next