back to article Poisoned MySpace page masquerades as Windows Update

Doom watchers at McAfee have discovered a booby-trapped MySpace page that foists malware on users by spoofing a Microsoft update down the center of the profile. The image (below) looks authentic enough to the drunk and uninformed. It is superimposed over the profile of a MySpace user who goes by the name of Rita. Clicking on …

COMMENTS

This topic is closed for new posts.
  1. Colin Wilson
    Paris Hilton

    Obvious solution to "image" scams ?

    Switch off all the tellytubby eyecandy XP throws at you, and go back to classic mode - your machine will be more responsive, and won't look like it was another botched Mrs "Bob" Gates project...

    Sure, this cunning plan will fail if enough people do it to make it obvious, but as a starter for ten...

    Paris icon used because she probably likes tellytubbies.

  2. Anonymous Coward
    Linux

    @Colin Wilson

    Two things: First, please explain how simply switching schemes in XP will protect you from anything except perhaps mild nausea. Second, I believe it's "Teletubby", not "Tellytubby", unless of course this particular horror wears different nomenclature in the UK.

  3. James Condron

    @ Anonymous Coward

    Because the image will appear to use a theme you're not using. Is it really that difficult?

  4. Anonymous Coward
    Stop

    Nubile?

    Rita not hot not nubile and two thirds my age possibly. You need to get your eyes checked mate.

  5. Vaughan Trevor Jones
    Thumb Down

    Stick to topic

    Gotta say who ever came up with that one, has some skill. Throw away the keys!

    *Off topic rant*; why is it that most people can not stay on topics with these comments. I mean seriously don't the admins read this stuff. So then do not complain when an article does not have an IT angle, cause when it does your comments are off topic.

  6. Anonymous Coward
    Paris Hilton

    Rita. Hot or Not??

    I expect to most computer geeks she look like a goddess :-)

    I mean, some of us dont think Paris Hilton is THAT attractive.( wouldnt say no though)

  7. Anonymous Coward
    Anonymous Coward

    So old it has whiskers

    http://blog.spywareguide.com/2007/06/rogue_security_applications_be.html

    June 5th, 2007?

  8. Simon

    lack of essential security i suppose

    just doesn't effect us linux users. I use my machine for business so i couldn't risk using such insecurity as windoze, good for games, about it.

  9. Anonymous Coward
    Coat

    So where is...

    ...the "toxic girlfriend" joke?

    (I suspect there are at least five of these in the queue waiting for the guy in Guadalajara to vet them for online-fitness)

  10. Anonymous Coward
    Unhappy

    Hang on a mo...

    Jeez man, watcha saying? That's my mom!

  11. Test Man
    Thumb Down

    Re:Colin Wilson

    Do you think changing the theme is going to stop n00b users from downloading the malware anyway? Think about it, if you're intelligent enough to work out that the window is appearing in a theme that isn't the current Windows theme, then you'd be intelligent enough to know it's a fake window ANYWAY (without having to change the theme). Therefore, that "advice" is really useless.

    It's simple, common sense will defeat this.

  12. davebarnes

    A link would be appreciated

    A link to the MySpace page would be appreciated so we could check it out for ourselves.

  13. RW
    Heart

    @ Test Man

    Hey, I resent that. I'm hardly a newbie, yet the first time a popup along these lines appeared on my archaic Win98 machine running Netscape 7.2, I had to stop and think before figuring out what was going on.

    It was the use of what I suppose was an XP theme that was the clue, but even me with my marvelous brain had to pay attention. Cut the real doofuses and noobs some slack, okay?

    [IIRC, it was one of those "your computer is infested with malware, quick, download our malware so you have a complete set to tell your grandchildren about" scams a few years ago.]

  14. Anonymous Coward
    Anonymous Coward

    Obvious?

    It seems to me that autoblocking any downloads from servers hosted in Russia or the far east is a good way to go. Likewise, my spam detection would go from 90% kill rate to near 100% if IP ranges of links were checked - all but a tiny minority point to sites hosted in China or Russia.

    Obviously if you tend to receive email with links to sites hosted in, or download stuff from, China/Russia all the time it won't work, but the majority of n00b users won't, and I certainly don't. If you wanted to be more specific, spamblocking / download blocking to IPs from known bulletproof ISPs would be useful - has anybody ever seen a legitimate link to something hosted on Chinanet? :P

  15. Robert E A Harvey

    Dead give away

    I had a similar pop-up whilst searching a more specialist site for photographs of east german railway locomotives.

    Since it claimed to have scanned my copy of windows I was immediately suspicious - I was running slackware at the time - and reported it to the site owners who told me later that day that their server had been hacked and would be off for several days while they sorted it out.

  16. Anonymous Coward
    Joke

    Solution

    How about we don't connect to the internets :)

  17. Steven Swenson
    Boffin

    Easy trick

    At first I wondered how on earth they made it do that, since myspace filters out any attempts to place javascript on their pages. Then I realized that it's just a simple image with some CSS to place it. How do they catch you clicking near it? The image file itself is bigger than the depicted window with a transparent filling.

    Seriously though, something like that would never fool me. Seeing my mouse pointer change before I even got to the button would alert me. Even if I didn't use Ubuntu now.

  18. William Wallace

    Re: Dead give away

    What on earth is the collective term for people who run Linux and collect photographs of East German railway locomotives? Has it been invented yet?

  19. Chris Hamilton
    Coat

    Eeeeeeevillllllll!!!!!

    Myspace is the root of all evil and shall be the downfall of mankind.

    Bebo is much better.

  20. Anonymous Coward
    Thumb Down

    re: "Bebo is much better."

    In the same way that having only one testicle nailed to the table is much better than both?

  21. Slaine
    Paris Hilton

    re: "Bebo is much better."

    Meethinks it is more akin to the choice between having your testicles smashed with a brick or with a cricket bat.

    PH 'cause my nuts ache.

  22. Anraí MacCoilín
    Happy

    "Bebo is much better"

    Personally I think Facebook is better, but in a real cynical "the man" is watching us, I think they are all evil in some way or another.

  23. TeeCee Gold badge
    Coat

    @William Wallace.

    Good point. We're through anorak territory there and heading into the 1970's vintage blue nylon snorkel parka a size too large with orange lining enclave.

  24. Anonymous John

    Don't know if it's connected,but,

    I got this earlier today. Didn't click on it of course.

    Ninian

    is a member of MySpace.com and is inviting you to join.

    Your friend says:

    Sexy?..

    Join MySpace.com and you will instantly be connected to your friend, and to

    each of his (her) friends.

    Click Here to Join:

    http://www6.register.myspace.com/invid/r?=38734

  25. Morely Dotes

    @ David Wiernicki

    Add Turkey, Israel, the UAE, Saudi Arabia, Egypt... To that list.

  26. Jorge Olguin Avalos
    Gates Halo

    That's why I don't connect to internet...

    Situation like this... watching someone else profile, and chances to get infected.. are the main reason I don't connect to internet...

    So if you want to be protected like me... don't connect to internet.. like me at this moment... you newbies...

This topic is closed for new posts.

Other stories you might like