NOW READ THIS
("Security Advisory")

Go Back

---

Submitted by: Bill Hickey
NCVA List Master

NRT-0227 Hackers take over MySpace pages to build bots:

Drive-by exploits have been embedded in a few dozen legitimate MySpace pages, according to a warning by the SANS Internet Storm Center cited in an online IT journal. The malicious code embedded in the compromised web pages installs the FluxBot, a dangerous new bot that uses a complex and changing set of networks of proxy servers rather than a central command and control site, said SANS, making it extremely difficult to shut it down or clean it off an infected system. The exploit tries to take advantage of an Internet Explorer bug that was patched in mid-2006. "People in general trust MySpace as a site so they don't disable JavaScript when they go there. [Although] MySpace the company may be trustworthy, the content buitl by users may not be," said SANS, adding that MySpace had reacted quickly in an effort to fix the issue.

(www.informationweek.com 27JUN07)

Last Modified: Sunday, 22-Jul-2007 08:34:01 EDT