RE: [WEB SECURITY] MySpace Flash worm
- From: "Will Jefferies" <wjefferies@xxxxxxxxxx>
- Subject: RE: [WEB SECURITY] MySpace Flash worm
- Date: Mon, 17 Jul 2006 16:05:42 -0500
A friend of mine alerted me to the worm after he hit it yesterday. The
interesting part is that Symantec antivirus already catches it.
Will
-----Original Message-----
From: Jeremiah Grossman [mailto:jeremiah@xxxxxxxxxxxxxxx]
Sent: Monday, July 17, 2006 11:17 AM
To: Web Security
Subject: [WEB SECURITY] MySpace Flash worm
Some bloggers [1] are reporting that a new MySpace worm is making the
rounds. This one looks like it's based on Flash with some AJAX-looking
ActionScript code embedded [2].
"Somebody has managed to hack Myspace.com with a flash based redirect
that exploits what is apparently a gaping wide hole in the Myspace
code. If you are signed into Myspace, and you go to a friend's page,
and then find yourself redirected to a blog post containing a
diatribe about how the United States government is behind the 9/11
attacks, then your account has been hacked, and everyone who visits
your page will be infected!! Yes, it's true, at least for now -
everybody who visits an infected profile while signed into their
Myspace account will have their page hijacked!" [3]
[1] Myspace Hack Spreading
http://seoblackhat.com/2006/07/16/myspace-hack-spreading/
[2] How the myspace SWF hack worked
http://kinematictheory.phpnet.us/
[3] Myspace Hack spreading like wildfire: SPAIRLKAIFS
http://chaseandsam.com/2006/07/myspace-hack-spreading-like-wildfire.html
Regards,
Jeremiah Grossman
Founder and CTO
WhiteHat Security
www.whitehatsec.com
----------------------------------------------------------------------------
The Web Security Mailing List:
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]