Hacked Ad Seen on MySpace Served Spyware to a Million

["Fergie" <fergdawg () netzero net>]

Brian Krebs:

[snip]

An online banner advertisement that ran on MySpace.com and other sites
over the past week used a Windows security flaw to infect more than a
million users with spyware when people merely browsed the sites with
unpatched versions of Windows, according to data collected by iDefense,
a Verisign company. 

Michael La Pilla, an iDefense "malcode" analyst, said he first spotted
the attack Sunday while browsing MySpace on a Linux-based machine. When
he browsed a page headed with an ad for DeckOutYourDeck.com, his
browser asked him whether he wanted to open a file called exp.wmf.
Microsoft released a patch in January to fix a serious security flaw in
the way Windows renders WMF (Windows Metafile) images, and online
criminal groups have been using the flaw to install adware, keystroke
loggers and all manner of invasive software for the past seven months. 

[snip]

More here:
http://blog.washingtonpost.com/securityfix/2006/07/myspace_ad_served_adware_to_mo.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.