TMCnet - World's Largest Communications and Technology Community




January 14, 2008

MySpace Users Targeted by Trojan Download Disguised as Windows Update

By Raju Shanbhag, TMCnet Contributing Editor

As the number of applications and programs written for social networking sites like MySpace (News - Alert) increases, the number of Trojans and worms written specifically for these sites is also on the rise. Online criminals are now targeting MySpace by trying to trick users into downloading a Trojan, which is disguised as a Microsoft (News - Alert) update. These MySpace hackers are using a fake profile.

The Trojan, known as TFactory, is a well-known piece of code that has been used by criminals for more than a year, PC World reported Saturday. The attack is not widespread and security company McAfee (News - Alert) has observed it only on Web sites like MySpace, PC world said, citing information from McAfee security research manager Dave Marcus.
Here’s how the scam works: MySpace users encounter a pop-up window suggesting that they download the latest version of Microsoft's Windows Malicious Software Removal Tool, released last Tuesday. The window claims the software is distributed by Microsoft to help Windows users rid their systems of malware.
In reality, PC World said, when users click the download link, the pop-up window turns into a nearly fullscreen image; if the users clicks anywhere on the image, download of the Trojan begins.
To target individual users, it appears that hackers either figured out a way to obtain usernames and passwords for profiles, or located security flaws on the Web site, PC World said.

Don’t forget to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers whitepapers, case studies and other documents which are free to registered users. Today’s featured white paper is The Challenge of Maximizing Service Availability and Security, brought to you by Mu Security (News - Alert).

Raju Shanbhag is a contributing editor for TMCnet. To read more of Raju’s articles, please visit his columnist page.

Technology Marketing Corporation

2 Trap Falls Road Suite 106, Shelton, CT 06484 USA
Ph: +1-203-852-6800, 800-243-6002

General comments: tmc@tmcnet.com.
Comments about this site: webmaster@tmcnet.com.


© 2021 Technology Marketing Corporation. All rights reserved | Privacy Policy