Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Phishers Attack MySpace with QuickTime Exploit Worm



 By: Ryan Naraine
2006-12-04
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Security researchers warn that phishers are manipulating QuickTime movies to steal MySpace authentication credentials.

Identity thieves are manipulating a feature in Apple Computers embedded QuickTime player to launch phishing attacks on the popular MySpace.com social networking portal.

According to a warning by San Diego-based Websense Security Labs, a fast-spreading worm is exploiting the JavaScript support in QuickTime and targeting a MySpace vulnerability to lure users to phishing sites.

The double-barreled attack is replacing legitimate links on users MySpace profiles with links to malicious sites cleverly masked to look legitimate.

Click here to read more about the dangers of rigged QuickTime movies.

Resource Library:
"Once a users MySpace profile is infected—by viewing a malicious embedded QuickTime video—that profile is modified in two ways," Websense said. The links in the users page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the users site.

"Any other users who visit this newly infected profile may have their own profile infected as well," the company warned.

Details of the MySpace vulnerability first surfaced in a Nov. 16 post on the Full Disclosure mailing list that described how MySpaces navigation menu can be replaced with a malicious menu via CSS (Cascading Style Sheets) code in the attackers profile.

For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

The flaw opens doors for a content-replacement attack that could be coupled with a spoofed MySpace log-in page to steal authentication credentials when the target is unexpectedly redirected to the attackers site.

Within weeks, security researchers noticed that rigged QuickTime movies were being used in conjunction with the vulnerability to propagate actual attacks.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.



  Reader Comments: Phishers Attack MySpace with QuickTime Exploit Worm
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Ryan Naraine
 


x}kw6DىCvK9-5m[Kݞ=Z$!)Jvr[/I$?:{PBP(|Gλ$\8д,JvΰSã&}w$5vv]zAUԫ1en軫w2v`P;^> \?awD%x_'Щѩ€wɄIPQߕͩ>}^qlv .hѲ"lG : rסyO`nzAvn=ݣw2`~|!k`TCw-}~HcM-G ؓ ۭBx)BP/#"FτwGېJ3v' jb'ӤbfxkQ#@gPp,ǃT* TkQ3#}jZ3uk-3G@ؾ!# 3EuL_FB?$¥0rAO,Ӈ;) ۱ȭB ¿{yo@ׁn܍=gf̳L]>'l,R ?q1p<=0;DL<:/Cg3a]ѦlXwGZ.h5E9*U+x`CL{hTEÙ|g[~^(U{~] GAnm-'uP\On:Y\u>..Ƀ-N6|'oLZ.JT:&ȇ Ԙ|5 P%opAIS# Ԏ$0L" J1~̢2qu;-^m^MuY6f0ZjCA/]鬘FȏAժ}uڹ풳 9m}j Gt@C0\6:֪Vlxmqj{ dPp8LwZ| ~8>_$?_OHA҉,N?./!=O}nr@ I/o,nG$,a5 tACJs9$SNE ;- ujvfPx۬ Շ70S_?g}p za4z@Lt&:h)5?&pΚb.L2o]V${3BDȽ`g@ A.r)i t 6=aL+^\~_5\awW9Q] K\Mza;{8k5{oZ{ݹvem`Ub}PhvZM]qsuTStԪt ~^Jj׎E@U~ _1p-~q2dLm,5,LHYAQǟgA`::)~ҧ>ҡ9m'!|БdmxZ.f4!D&MЀ`;Ah1[W grGֶL/ e jJ=WsA|5 i!sL&Ze onunl@aehI*#wT4 ?{`ELE2a5?%Ӈ>^`3h{q#%IAg =e河xO:[$֒%T^ӛA'~. B[+ҞY&9&ے8EqfP2D񥖲HD@CR)Ե ҊaY^`(ytM̆Т iM>*cc9m &TY9Ϧ?>2ei[ahxK;ʸA6`@ELl5TH׳թw@4=".IkNŧ`r<<fRq'Pt @I55}끆7_ƅ/c%|o2rl\:|ꚺ8],- guaGjJ s4'ME8` ;DzӜh2F ÑiHuߴY?twұj)݅I ,䧒RVJ~$[b"ud\6˰@eִ&3r,y' zfdݞ0RҴgE3s@B$T `LHG7S]KQaȣuU_yS=alE 570M:LK/3$!O^'KRIC'Xk5F>=c"}IVt8#HE~H.Ew|+N97>+}zK]G>snW}G>N&-;h'H]M;H̎O\NR!ihw\rRk}G,G%+vrƒ4 ]#@$7zj]b9N(k0q9'& ~Lg%:<!pwC)2,`{]0>AG5h0qH&3E6YҜ):+@+jZS'V$tu| `_snM<=צK$*X  d5}u*ՃZIe߯Y+^> (C ` K{ZCA;eS4>tV{PBKg7cMEH]ac6U{z@n)Z/''vhTJE[>7/=Od[̆ErN/dZIp|]avKre$mAșY%G:eۤs:n&b`l"Z`|i-X`Cb&T~\{Rglg^c+/ `Mɧb_;(1\Ac>֍+yU=|m*uMn1}a%[ŜRx` fΔzlh}Д*eƬ}/(QU-q'F.҄^%ixN1 Q,v}b;_&I|SeYZv+Հ΀Ld_V83pa-XRjjBL*>"GwCC/ PNkFVՋG>P*~JגHUگjYIz, :sZ1n?5dЯxLl \%\{3i0(Q󩋗A fD}R/)3nQ/ ~egm>Q?PG e[U`3Wf4$NcVqDMb?ҁh)03?2RCٸUvJ0i5I+JZ{̡=2f{cV$¾.ܓG\\3C4}3݀,+L)~3̇)uRpgi5jZ)}#04C: Wjjye!r UN6[_Tj vQ *s>P9kۻBlpIj‰ +~Wl)Ɂ$ |Bʍ D;}ZTa3 u/x{yqwozՔݷGS( L $q!YUihja{I12A$K~}{HJۧ>\e!Ĺg;vݹ:$ "̼G}}Gkeq_KKxi/RCR>"jp~xu*/-~61z˾NIM$(Xq4qs'^}u}u.w᳋Y/`y BN׹p.7+%E;"u ׹o= rDp'Bj^ϯYF^9h5oOM1Bk3d4)(3`X#aK#fWDH@KuÙb9kI.Dz=d_5g0T (Zw~uYw1d|PZ# (ʑ=`=`Vv9:\b/:͞$VB 0FG_TJi)4J6ѓ:)K<;mtn) 5E_ѫſ}$:}mFџ`o %cAda+F+9eIOsGHE >_8/g`IBn1KP -Mu>nSoqJh":Q%;?m[ħ{, /䎑<=;=LP6'in&. [7tKb)-N yux2Ƞ#%tBUX$yYMzJ,RTcD$PKFI39uEVHRo{ݼڜ6<1ަmƙBmK$h dgKe 3 KqkP I"+ ` >gԢᬖ^}+Y^N4~xr'|'xj}yUzP/9U۾Lm3ytmO$ ؑq eީӊNf|vu+ɅNo՗>W}>0kyR̵j s2fucBNj=0ف9k֧@ǂ cn ~U ުn8Gqܚx,uxuS意G 9+3rĸe}ۨ+=hKtvJowҽ{g;ᧅ}E tRTsd;I6ӱ$BUU+j*ۻȾ\EVe.tՕNt;>ri ,Fu d3DӼ4hAhfl3O7C]~l]sTxBo~=ˤa ]ek{*{w}wo]VZtC.qD &d/.%o.E ju OKt1ڬ/ۥ{HBĬhgN:\=(}IŘN~0_Bd=AW,r R9-FD^ښ&.1=.speiPLGvycYf)j1ԏ֙vVۍ%CnܲI&+qJMlGW}2O ȫ,Ilvšą=3{i‚vJlgdri"21"$iyN6R&rLyd]i/)2>h'c )&/ L\tqT^pa(Vhrbp?p5r 7 -=2ďwk>Re!`@ GA2~tD+$i7)n o)r'F,**5P)ѐsG{i0qtE|^sX!rC V{BҭMe!b0O<v$&0ɏF0C{ ̅(Hwz)M?0!MB^Z`wUn HfER5I Ryq -.4t>XggrpL%kIhG!p‘KbH-i%ʍogV۔g>,zr%+"]3)VZ哂JTBͰܿFDӨxr gq"X)o#fx02]\坎zPz1W/{̘t#_jR%%uA 0%sɯ$v&AWUV[o(fg[9ӆ= F paC+ɞ=֖'_}95^ֆ|bK } h #gӔApޣL%zj}X2Y fd"^Oً_J왈G|\;ԚSɱ1u`6%&)LX1*2g×IrkS$aجކ# W8<@>h|2Ɲt.͐k.toi.) q @5I %6Ǻy &x?P,jS?ȴ/{/u>a-!*y/Y>vnX`sd3];4kHYNB>alEދZJWJFf5tuJ dག'9+&kn"6h|SRtN0DtbP!@Яop[0}V.ÜW eq8 1+{UƍWY! ؆Ǯ;, /c*ҕ93_bgsC*$zCdo#D C21jda$@okԵ9thRץY**M4,˜wi P+#ϤN +ղt,#k{uKF"VPx8޲D8$L4VEr ƶocmŹ*Z:G}݋϶w4ǢD Oڽh <"GoncÊ0Cx@6l8Bcg R_gt4yI};jQ+5r.X rφW>knɹg u\ݲ~&.⫽yJ<ŗA9rW|kofv=fweP!hk1 Z5c6.ZxM_ o&`vljVs(Q=~]UѲF̊:t)ۼRbrWbp{,©y]{c ~uP2oO3@84ƗY'2 $I3Ʊ)+}^8cET2,,y3df.4րHHyWΐ.ޮcb >&; hxO!w_ڋKۨ_x}˼ s/i;hOj>dC$&Hm04.jc"ֵ8 a~?݃~Oes0?ExHh\?Sڞ`܀*ZWqUFZPhs| ךE3* I:nĽq4jknXei3LM?#"Lߣ^-Y?`?P}dɷs1V^xc^X2QȏQ QD]̩xnGb¤Zt'O|D2~(^Ax8n ʼn {l{[Ž$I!&ƘKjxVUՒ|Rӊ,w9]dDo01ꮐ֘1h*B UٜAKu*Z!ѤF*5-F5נ R9}645̈ ZkafDZZkݍu3uNi<1E7ZzڝZ<hfU'j"i?tnնK 1mnHt%,5q +c@`m 4,\ 7BπTaA4`C"eR%24`VVߑVRjR;rC;`8[7=yjMSZm_ܣF +*P6LeOr {'}ZpYXkO:Rgacn\KJ Ys:..2Hх%tHK,txZڊRLk?H>fp{g|[2@ eˡWqb\6ZWwF^ڨ]{LGb?vœ+^Vc"W36G&G<(c5~юMUbtM-S@w~j4ZMϱ{ cDku)' +K,-^a9eU&d[h4 ¨ӔEJL`s^um2d@$]/HkYTyW"Y lFY J ]0]hfL_ňVR>dD9-CwF#ӠOcӘPC c  Ƅ)<6$Ae5T?0j{돸RY \Zs4pLzUW9PJƈn_尟a@p=S-w0Șh MQ VHxDnr}vtV4!"CmangR II!Cs43DDc^ô kfĄ9eZ_jt/ #:k&(?,p E {GLƙ;fQZ, IS*9vqY@y#LL͂ZcAa~L#[C< X71MF·:a3+%̔,04<:Lma`t.t>ѧQPOnN&`j],Eǥ]-AGG71=` ?v_!usx\jHOJ׏IB uXRFB(6s b&Ɍ<~X׻e/( p @Ka1c~PoVr$4k >+%>gٕa)豪g/)޴ ;ew =M蕴B*^Ȉq/Y40 }:>1&}ןcgrֹ!MrvjM\EOAa[+|Uw;O:ןWU83=10kyl2/*vg(P]5/[NQʩhQ{̵,"^ûHKvE Ccqq^g |={J*Q^e5DM@*:!Ll+4=ӛVS+{Пxu3K_L8Χf=uRBjs@1@C|m]Nzs*4Bx_m^;^9@/97P~]~NmwS.?rO$ sCsyN?BB};}ZhOsʡ}SoC) 埳/E|9s _ /}/s{ ̡%%e^^'UWSN{(S7([N%_^U\]_O'Gt@tr5u\9O9z9##O9}}ʡ---m%:Iʙ#gk\8=>9)/9R{ WK(gsVڍNV`{CJ{_7G+@q}}9M+ťW*7yKxM}%kkV[MrnX_Kȣ_xi +{JyHGW4<< ~ bye?VRw;]CҤ]j.{%])W[O'ikr(%s<2g!g}=* ͱ#{"Ե0UOϛQǒGd .Ǒp[y剹?|K2xI0?ۓ{ݯ\pۭঠϻHށW-~kOW=Mԍx.nmG;yh#^]Yj7mϋ1y}³2پGh O WY-Kbġ_$Л<ݴ}FVj?fz:x}fOvHyѿnC{6'Ku}MoNDV)pF ;F,RK|c ,>a4 Dzrt5pÅ@$;,@}7,HRe_*V+rR8~G+A"ð{tHTMVYI0ZE9(W&K=# .=M^t fЇZCO3CX)x}̺lk %/zchd1Mk+cP<틒ՍPcc>H-mgrlCkvܙexad"d`Lk&Ea%$2ǃB '~-pIi/1S$Oˌ˟$4N Ӟ=+ ;.Ke!fIw&G ?>KGJ= %4Id`Կsg8C{)B9 H|\sEEבE,&Jh݄wjP%n2!-$?v{MʨϮY DN焽HaCm5u׌ezԢı"䴯Iױf9U,?hPxUE'0@$=Cf KӗG?Qc\sxjA߮ed#əW Bz ,* O*)bNm% 1o)%c׷5ۭ eTx/ē_| Њ3Obx`#YұߚR TDO"vy9$Kd7-YoˊL3t#m(F3R^ K! oX)un'|oW|B,;ks\6LDR }F0~Nڽm=խ`"s3mC@_ܥ92J1p(qmeFӧ7-[$@F'p'!MX ^"خ;Oq^'dd9a7CxM_ԕU`7g#~"3VœA>`0C3`܀}olI-Ox R}r:Y 965O~0qGĦrC|R4OepvR ?H朙/-稅;/Wvm:kmlQ/>¼yOW]Q'nal`d%k^F:Hu`WH؂{s-Wrcd+{f:PEXtl+ CW5`/=H^3(\n)ZF1tVB\(atg.XU\M)6r)*l XGڢ~&নN?|Nto{@72sa:igNb ȱ ya1 g{yW=?5^6Љe6G9a>=YʐLW\kDI qk.-wvŬ0&iE-㨤t`C v_.~ph[?҈>A wVǰYF!&7O80Ux|-h\l}{ݘ_;i9LgѸ8"?H=8=d+KWcaP^5FElT$bB]AyH>A@`V\3z7ZЮ gnBYˣŬ"D0Ȯ'Z:tsh;h۟X3THهl*~&To',{+ЃTnxFK-^xϋ|_ E>WNENE<<Sf}')VSL_Xџ_Q>q*g\%ƕyz@Xqө8Yo>_.)wByֹIgCRI>QoXQFK+O(QF2>;\Q|ҹ`ҍ;^zVyzھ:OVzvC&ȕ/g2F#xoUAúUj"<&o(FҢΰe=9Pk.yg;a+b(16lSTi29J{) qU˕4>!aa%nǝl| n%96L]_[ Pt'