Virus worms its way into MySpace

Anti-virus experts at security firm MicroWorld have issued a warning to online users regarding a malicious worm called Win32.Ofigel, which is spreading in large numbers across the popular social networking site, Myspace.com.

  • E-Mail
By  Cleona Godinho Published  December 7, 2006

Anti-virus experts at security firm MicroWorld have issued a warning to online users regarding a malicious worm called Win32.Ofigel, which is spreading in large numbers across the popular social networking site, Myspace.com. According to MicroWorld, when a MySpace member views an infected profile, a Quicktime movie carrying the worm starts playing. This worm exploits an XSS vulnerability in the network using JavaScript code and then replaces the user’s Myspace menu with a fraudulent one, the items of which redirect the user to a phishing website identical to Myspace, where the person’s username and password are then recorded. MicroWorld then claims the worm can log onto a number of websites to download the malicious Quicktime movie and add it to the victim user’s profile. When a new user - mostly likely one of the victim’s contacts - watches the movie, their PC also gets infected. According to Microworld, the Ofigel worm later harvests the e-mail IDs of a victim’s contacts and starts sending them spam e-mails with subject lines such as, ‘What else is there to do on a Sunday’, ‘You better not forget about this’ and ‘Hehe, that was so funny’. “This is just one of the many recent incidents that goes on to prove how multi-tiered and multi-pronged the online threats have become in recent times,” stated Sunil Kripalani, vice president of global sales and marketing at MicroWorld. “The attack involves a worm, a media player, phishing and spamming. It also gives a clear indication that community websites are fast becoming one of the most preferred vectors of malware proliferation.” Myspace officials have announced that they are acting to minimise the impact of Ofigel by identifying the URLs attempting to exploit the XSS vulnerability. Those URLs are apparently now being blocked by the MySpace team, while the infected profiles are being removed completely. According to Microworld, the website currently boasts a 70 million strong user base. In October of this year, UAE’s incumbent telco Etisalat reversed its position on the blocking of the MySpace site by unblocking it.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code