Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2014
    S M T W T F S
    « Aug    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • About Us

    http://www.myspace.com/mamasaidthebandYet another malware is recently discovered lurking the pages of MySpace, a popular social networking Web site that has become a favorite target of threat attacks by malware authors today. This malware is a JavaScript Trojan that uses QuickTime movies as its infection vector. This malicious script is found embedded in a MySpace page of a French rockband. The said page has an EMBED tag that instructs a user’s browser to play a movie when the HTML page is opened. However, the attribute of the movie is set to “hidden”, therefore it is invisible to the profile viewer. The QuickTime movie is downloaded from the server, profileawareness.com.



    QuickTime has a feature that allows URLs or JavaScript codes to be embedded in a movie. This malware takes advantage of this feature by embedding a malicious JavaScript program within the movie. Thus, when the movie is played, the JavaScript is automatically downloaded and executed. This JavaScript is a spyware that collects data about MySpace users that visits the page. The stolen information is then uploaded to the profileawareness server.


    Trend Micro detects the malicious JavaScript as JS_SPACESTALK.A and the QuickTime movie as TROJ_DLOADER.JHV.


    External sources have confirmed that the said vulnerability exists in version 7.1.3 of the Quicktime software for Windows and possibly earlier versions as well. This issue has already been addressed by Apple in their latest Quicktime release. More information on how to update Quicktime can be found here.

    Sometimes when you try to update your Quicktime players using the “Update Existing Software” option under the program’s help menu, it tells the user that his software is already up to date even if it isn’t. To be safe you may have to manually re-install the software using the latest installation package available at the Apple Web site.


    Sources:





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice