The social networking site MySpace.com is under what one computer security analyst calls an “amazingly virulent” attack caused by a worm that steals log-in credentials and spreads spam that promotes adware sites.

The worm is infecting MySpace profiles with such efficiency that an informal scan of 150 found that close to a third were infected, said Christopher Boyd, security research manager at FaceTime Communications.

MySpace, owned by News Corp., is estimated to have at least 73 million registered users.

The worm works by using a cross-site scripting weakness found around two weeks ago in MySpace and a feature within Apple Computer’s QuickTime multimedia player. The exploit starts with a user who visits a MySpace profile infected with an embedded QuickTime movie. The movie loads JavaScript code that overlays a row of menu options on a MySpace profile with a bogus menu. A QuickTime function, called the HREF track, can direct the player to use JavaScript commands to load webpages into a browser frame or window. The JavaScript feature in QuickTime has legitimate uses, “but there are a lot of legitimate uses for technology that can be misused,” said Ross Paul, senior product manager with Websense.

If an option in the bogus menu is clicked, the user is directed to a fake log-in page hosted on another server where the person’s log-in details are captured. Websense has posted a screenshot of the fake log-in page.

MySpace’s “seemingly random tendency” to expire user sessions or log out users makes it less noticeable to victims that an attack is under way, according to a Nov. 16 advisory by the Computer Academic Underground.

Additionally, the worm places an embedded QuickTime movie on the user’s profile, which will then repeat the infection process for anyone who visits the profile.

The worm has another malicious function. Once a profile is infected, the worm sends spam to other people in the user’s contact list. Those spam messages contain a file that appears to be a movie but instead is a link to a pornographic site that also hosts adware from Zango, Boyd said. Zango, formerly 180 Solutions, settled last month with the U.S. Federal Trade Commission for US$3 million over complaints it didn’t properly ask the consent of users before its adware was installed.

Boyd said he’s heard anecdotal stories of users removing the worm’s JavaScript manually from their profile, but the worm reappears after some time if one of their friends’ profiles is infected. Several variants of the worm have also appeared, he said.

While some of the websites hosting the malicious QuickTime movie have been taken down, others have appeared, Boyd said.

The Firefox 2.0 browser was flagging some of the bogus log-in sites as phishing sites, Boyd said. However, phishing sites can be active for several hours before they are flagged, he said. MySpace officials in London couldn’t immediately comment Monday morning.

-Jeremy Kirk, IDG News Service (London Bureau)
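A defender-side check for the embedded-movie behaviour described in the article, as an added example that is not code from the article, MySpace or the researchers quoted: it audits profile HTML for QuickTime embeds served from hosts outside an allowlist and reports the infected share, in the spirit of the informal scan Boyd describes. The host names, the sample profiles and the assumption that the movie appears as an `<embed>` or `<object>` tag are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts the site itself serves media from (constructed name).
TRUSTED_HOSTS = {"media.example-social.test"}
QT_TYPES = {"video/quicktime"}
QT_EXTS = (".mov", ".qt")


class EmbedAudit(HTMLParser):
    """Collect <embed>/<object> tags that load QuickTime media off-site."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("embed", "object"):
            return
        a = {k: (v or "") for k, v in attrs}
        url = a.get("src") or a.get("data")
        if not url:
            return
        parsed = urlparse(url)
        host = parsed.hostname or ""  # empty for relative (same-site) URLs
        is_qt = (a.get("type", "").lower() in QT_TYPES
                 or parsed.path.lower().endswith(QT_EXTS))
        if is_qt and host and host not in TRUSTED_HOSTS:
            self.findings.append((tag, host, url))


def audit_profile(html):
    """Return (tag, host, url) for each off-site QuickTime embed."""
    parser = EmbedAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


def infected_fraction(profiles):
    """Return (names of flagged profiles, flagged share of the sample)."""
    flagged = [name for name, html in profiles.items() if audit_profile(html)]
    return flagged, len(flagged) / len(profiles)


# Constructed sample profiles, not real MySpace markup.
SAMPLE_PROFILES = {
    "alice": '<div>Hi!</div><embed src="http://files.offsite-host.test/clip.mov" width="1" height="1">',
    "bob": '<embed type="video/quicktime" src="http://media.example-social.test/intro.mov">',
    "carol": '<p>No media here</p><img src="/pics/me.jpg">',
    "dave": '<object type="VIDEO/QuickTime" data="//cdn.unknown.test/v?id=7"></object>',
}
```

A flagged embed is only a lead for review: the check does not inspect the movie file itself, so it cannot tell whether an HREF track is present.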