A new worm creeps all over Myspace
Posted on 06.12.2006
Itís great to meet people online and befriend them, to share your thoughts, photographs, movies and much more. Even better when the community website is easy to login to and manage; until your network intermingles with the criminal gangs of the web underground!

Security Experts at MicroWorld Technologies inform that a Worm named ĎWin32.Ofigelí is spreading in large numbers across the world among a 70 million strong user base of the highly successful community portal, Myspace.com. Security experts had long raised concerns about the vast opportunity that websites like Myspace provide to online thieves and criminals, in exploiting their open nature and easy access.

When a member of the community views an infected profile, a Quicktime movie carrying Ofigel Worm is played, which exploits an XSS vulnerability in the network using a Javascript. The Worm then replaces userís Myspace menu with a fraudulent one and the menu items redirect the user to a Phishing website identical to Myspace, where the Username and Password of the victim are captured.

Then the Worm logs onto certain websites to download the malicious Quicktime movie and adds it to the userís profile. When a new user, mostly the victimís contact, watches the movie, his or her computer gets infected and the chain goes on.

As if thatís not enough, Ofigel later harvests the email IDs of victimís contacts and starts sending Spam mails to them with subject lines like: What else is there to do on a Sunday, You better not forget about this, Hehe that was so funny, Better see this one last time lol, Whoís coming to the party tonight, etc. All messages quiet in sync with the youth culture of Myspace.

Myspace officials inform that they are acting to minimize the impact of this worm on users, by identifying the URLs attempting to exploit this vulnerability. Those URLs are being blocked, while the infected profiles being removed.


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th