A new worm creeps all over Myspace

It’s great to meet people online and befriend them, to share your thoughts, photographs, movies and much more. Even better when the community website is easy to login to and manage; until your network intermingles with the criminal gangs of the web underground!
Security Experts at MicroWorld Technologies inform that a Worm named “Win32.Ofigel’ is spreading in large numbers across the world among a 70 million strong user base of the highly successful community portal, Myspace.com. Security experts had long raised concerns about the vast opportunity that websites like Myspace provide to online thieves and criminals, in exploiting their open nature and easy access.

When a member of the community views an infected profile, a Quicktime movie carrying Ofigel Worm is played, which exploits an XSS vulnerability in the network using a Javascript. The Worm then replaces user’s Myspace menu with a fraudulent one and the menu items redirect the user to a Phishing website identical to Myspace, where the Username and Password of the victim are captured.
Then the Worm logs onto certain websites to download the malicious Quicktime movie and adds it to the user’s profile. When a new user, mostly the victim’s contact, watches the movie, his or her computer gets infected and the chain goes on.
As if that’s not enough, Ofigel later harvests the email IDs of victim’s contacts and starts sending Spam mails to them with subject lines like: What else is there to do on a Sunday, You better not forget about this, Hehe that was so funny, Better see this one last time lol, Who’s coming to the party tonight, etc. All messages quiet in sync with the youth culture of Myspace.

Myspace officials inform that they are acting to minimize the impact of this worm on users, by identifying the URLs attempting to exploit this vulnerability. Those URLs are being blocked, while the infected profiles being removed.


Subscribe to the Help Net Security breaking news e-mail alerts:


Don't miss