MySpace page serves fake Microsoft update

By Dave Nixon

Fake Microsoft updates provide an additional reason to be security-conscious while using MySpace.com

Online criminals, utilising a bogus MySpace profile, are attempting to hoax victims into downloading a malevolent Trojan Horse program by disguising it as a Microsoft update, according to researchers at McAfee.

Although not widespread, with McAfee detecting only one MySpace profile in this case, the attack illustrates how sites like MySpace can be abused by criminals.

Users are offered what appears to be a popup window advising them to download the latest version of Microsoft’s Windows Malicious Software Removal Tool, recently released this Tuesday, to help Windows users rid their systems of malware.

In fact, the popup is just a component of a larger image filling the majority of the computer screen. If the user clicks anywhere on this image, the users system will then start to download the Trojan program.

Known as TFactory, the Trojan is a recognized piece of code that has been used by criminals for more than a year, according to Dave Marcus, a security research manager with McAfee.

Either through discovery of a flaw in the MySpace code or a method of taking over user accounts, hackers were able to launch the attack, Marcus said. “Our best guess is [the owner of the one MySpace profile] just got their password and user name phished,” he stated.

Social networking sites provide members with a selection of potent Web programming tools that are increasingly inspected by hackers seeking ways to abuse them.

In November, hackers discovered how to provide Web-based attack code from the MySpace profiles of Alicia Keys and a number of other musical artists.