Monday, July 24, 2006

MySpace Users Get MyMalware

MySpace users who expressed an interest in patio furniture got more than they bargained for if they clicked on an ad for DeckOutYourDeck.com earlier this month.

Michael La Pilla, an analyst for VeriSign iDefense, was searching MySpace on July 16 when he discovered that a patio furniture ad prompted a file called exp.wmf. If installed, up to five adware programs could have landed on the users' computers. La Pilla contacted MySpace but the company's defense team had already taken the ad down and was working to find its source.

Any user who was browsing with Internet Explorer and had not installed the latest Microsoft patches was vulnerable to this attack. In January, Microsoft released a patch that blocks this kind of WMF (Windows Metafile) attack, so users who had installed the patch were safe. Users browsing with Firefox version 1.5 or later are also protected from WMF files.

iDefense estimates that the ad was served to MySpace, Webshots, and possibly Facebook, installing the malware on 1.07 million computers.

MySpace executives were not available for comment, but Hemanshu Nigam, chief security officer for MySpace, issued the following statement:

"This is a criminal act. This ad is being delivered by ad networks who distribute these ads to over a thousand sites across the Internet in addition to ours. We are working to have these ad networks remove this ad so that they do not appear on our site. At the same time we strongly urge all Internet users to follow basic Internet security practices such as running the latest version of the Windows operating system, installing the latest Windows security patches, and running the latest anti-spyware and anti-adware software. If users have applied the simple patch available from Microsoft.com, they will not be vulnerable to this criminal act."

MySpace, which is owned by News Corporation, has a full-time ad staff, but they apparently failed to check the authenticity of the deck ad. Ralph Thomas, a senior analyst for iDefense, says that this incident will force them to put a little more effort into content control.

"It was delivered through their page so it was sort of their responsibility even though they are not the originator of content," Thomas said. "It's not necessarily a MySpace problem other than relying on a party that served up these ads."

But MySpace doesn't want to be known as the social networking site with the dangerous ads that could render a user's entire computer unusable. Thomas said he has seen forum postings in which users were infected by this adware and had to completely reinstall their operating system.

"Even though we found only adware, there is always the potential that there is malware included in all the files that are being downloaded because the files that are being downloaded can change at any time," Thomas said. "There is always the potential that it was malware at an earlier point or it could be malware at a later point. The computer could be so compromised that it could be unusable so reinstallation of the operating system might be the only safe thing to do."

News from PC Magazine: MySpace Users Get MyMalware


1 comment:

Anonymous said...

Many programs include spyware modules. Use anti-spyware to protect your privacy.
As for me, I like professional anti-spy software like PrivacyKeyboard by Raytown Corporation LLC.
You can download it here: http://download.softsecurity.com/1/14/prvkbd.zip (~4MB)


Anti-Spyware: Efficiency of the Means of Defense