myspace

To think the attacks over the internet would end, users of MySpace have been hit by a termed “Link Hack” which was discovered and is being studied by Websense which found the hack to re-direct the parsing process from the MySpace profile page, to the malicious site them back to the said legit page. The hack allows malicious code to be attached to all aspects of the MySpace page (such as the View Pictures, View Profile and other such legitimate functions that are normally used on the social networking site but instead of doing the requested operation, the user is re-directed to another site which prompts the user to click the back button or try to figure out what the hell just happened with the malicious phishing site getting all the info it needs and the cycle continues again and again.

The hijack process comes in stages and all the while the misguided clicks always execute a piece of JavaScript which re-directs the user to a page that seems to be the MySpace site but actually isn’t. The problem has seemingly dropped traffic due to the shutting down by the phishing site. Websense has informed the MySpace people regarding the matter and they are surely taking action to provide measures to ensure the privacy (which may be next to impossible to such open sites) of their subscribers. Symantec has also raised the alarm and has released information that can help users avert the disclosure of personal information to the said phishing site. MySpace has also identified several individuals who might be involved in the attack and have suspended their accounts as they continue to investigate the actions of these errant users and what part they had with the attach on the social networking site.

MySpace logo

Yes, you have probably read it before on different news sites and blogs. An ad on MySpace spread spyware. As reports have mentioned, the banner ad was the one used to spread it. For Windows users who did not get the patches, they were affected by it as it was a WMF vulnerability that was exploited. Average computer users would probably be the ones who were greatly affected by this and they probably did not even notice anything.

There are articles that even mention the other browser, which is Mozilla Firefox. They said that those who use it were probably not affected by it unless the user downloaded the WMF file and opened it on their computers that are running on Windows. It is mainly something that affects Windows users who browse using Internet Explorer.

Things like this incident make the IT department of different companies become more wary, hence banning of more sites if they lean towards paranoia. In the first place, when there are patches released, they are the ones who should take charge and informing others about it. Or they should take the initiative to handle it. Also, users must be more aware of these matters. Security patches are not released without any reason. In this age where computer users are very much connected to one another via the Internet, incidents like this one could happen very often. As the adage goes, an ounce of prevention is better than a pound of cure. Have you checked if you have been able to patch up your Windows machine? If not, get those patches now!

[tags]myspace,windows,spyware[/tags]