July 18, 2006 12:42 PM PDT

Worm lurks behind MySpace profiles

Related Stories

Samy opens new front in worm war

October 17, 2005

News Corp. in talks to buy search engine

August 12, 2005
A worm is targeting MySpace users, compromising their "About me" pages and infecting visitors to them, Symantec has warned.

When a logged-in MySpace user goes to another member's "About me" page affected by the ACTS.Spaceflash worm, they are quietly redirected to a URL that holds a malicious Macromedia Flash file, the security company said in an advisory on Spaceflash Tuesday. That file, in turn, will replace the visitor's own "About me" page with one that is compromised.

"It's an annoyance, at this point, for users, but the capability exists where it can lead to malicious actions and steal sensitive information," said Dean Turner, senior manager of Symantec, which currently rates the Spaceflash threat as low.

Figures were not readily available on the number of MySpace users who were infected by the worm, Turner said.

The worm takes advantage of the way Adobe Systems' Macromedia Flash technology, used to display media on the Internet, handles its action scripting for movies and music.

"Adobe recognized this vulnerability in Flash 8 and fixed it in its latest version, which is why we're urging all members to upgrade to Flash 9," Hemanshu Nigam, the chief security officer of MySpace, said in a statement.

Symantec is advising MySpace users to disinfect their "About me" page by deleting a specific line of code, or to disable their use of JavaScript on MySpace.com to mitigate the problem.

Content uploaded to MySpace and other social-networking sites needs to be validated and vetted by the Web site operators to ensure users do not infect each other, Turner said.

The Spaceflash worm is not the first to hit MySpace. Last fall, it was hit by the Samy worm, which added a million users to the friends list of the worm's author.

See more CNET content tagged:
MySpace, worm, Macromedia Flash, Symantec Corp., Macromedia Inc.


Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.