‘QucikTime’ Spreads Pornography Through ‘MySpace’

MySpace.com, the popular social networking site, is under attack by a worm that captures login credentials and distributes spam to promote adware. Security analysts have described the attack as "amazingly virulent". anti-virus firm 'F-Secure' has dubbed the worm as 'JS/Quickspace.A' and security firm Symantec calls it 'JS.Qspace'.

The video equipped with 'QucikTime' file exploits a flaw in MySpace and encourages JavaScript in Apple Computer's embedded 'media player'. The infected movie with the support of JavaScript displays a menu that connects to an external website. The site asks the user to enter login information, which the remote hackers promptly steal. This, in turn, infects the user's own 'MySpace journal'.
The JavaScript feature embedded in 'QucikTime' has several legitimate functions. But Ross Paul at 'Websense Inc.' remarked that; a technology has many legitimate uses that can be misused.

According to Chris Boyd, 'director of malware research' at 'FaceTime Communications', malicious attackers commit theft of private credentials to distribute spam to "friends" of the victim through a section on MySpace pages. The users leave messages on those pages such as "what else is there to do on a Sunday" or "omg did you see this last nite." At the bottom of the comment is a shot of the movie that is "spectacularly pornographic".

Boyd further said the spam text contains a file that looks like a movie but is actually a link to a pornographic site that also carries adware from 'Zango'. Formerly '180 Solutions', Zango in November 2006 settled with the U.S. 'Federal Trade Commission' for $3 million over charges that it didn't take the permission of users before installing its adware.

Chief research officer at security company 'F-Secure', Mikko Hypponen, wrote in a 'blog' posted on December 2, 2006 saying the MySpace worm is almost within the company's reach that uses a malicious 'QuickTime MOV' file to scatter. The code alters the users' MySpace profile. Subsequently, it affects whoever visits that profile.

The use of movie files to allow certain kinds of scripting have become a popular method to launch malware attacks. Security experts are therefore repeatedly warning about dangers of sites that present user-created content.

Related article: “Loopholes did not cause online banking thefts”: ICBC

» SPAMfighter News - 12/8/2006