MySpace Ads Infect Millions with Spyware - 5,133 Views, 7 Comments
|
Previous Article « New “Windows Genuine Advantage” Worm Cuebot-K Being Spread by AIM, Installs Self as Wgvan.exe and Dcpromo.log
Read Next Article » Yahoo Offers Popular Music Downloads with No Digital Rights Management - “DRM Doesn’t Add Any Value” says Yahoo
MySpace ads for “Deck Out Your Deck” (DeckOutYourDeck.com) have become a vector for spyware, infecting millions of users with the PurityScan and ClickSpring spyware trojans. The spyware then contacts a Russian server based in Turkey and reports on the installation of the spyware, and floods the user’s machine with pop-up ads. Discovered just yesterday, the trojan-infested DeckOutYourSpace.com ads have infected MySpace visitors by taking advantage of a known security hole in Internet Explorer related to how IE handles WMF (Windows Metafile) files. Microsoft had released a patch for the WMF vulnerability earlier this year, but not everyone is as diligent about applying security patches and fixes as they should be (let’s hope you aren’t one of them!) MySpace, while decrying the DeckOutYourDeck.com infestation as criminal, has put the responsibility squarely on the victims. Said MySpace’s security officer, Hemanshu Nigam: “This is a criminal act. This ad is being delivered by ad networks who distribute these ads to over a thousand sites across the Internet in addition to ours. We are working to have these ad networks remove this ad so that they do not appear on our site. At the same time we strongly urge all Internet users to follow basic Internet security practices such as running the latest version of the Windows operating system, installing the latest Windows security patches, and running the latest anti-spyware and anti-adware software. If users have applied the simple patch available from Microsoft.com, they will not be vulnerable to this criminal act.” In otherwords, even though our system was infected and is the vector for this trojan spyware, if you had patched, you wouldn’t have been affected. Good advice, or blaming the victim? 
Follow Anne on Twitter
MySpace Ads Infect Millions with Spyware
Twitter Explained in Plain English
Previous Article « New “Windows Genuine Advantage” Worm Cuebot-K Being Spread by AIM, Installs Self as Wgvan.exe and Dcpromo.log
Read Next Article » Yahoo Offers Popular Music Downloads with No Digital Rights Management - “DRM Doesn’t Add Any Value” says Yahoo
Read more:
» Spyware for Pornography Site Leads to Jail Time
» Don’t Think Spyware is Really a Problem?
» Kazaa Has “High Clot Factor”, and is Spyware According to Computer Associates International
» The Internet Patrol’s MySpace Profile: Testing the MySpace Danger
For additional similar stories check out our archives on MySpace, Spyware & Adware
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
Good advice. It’s amazing, these “malware” programs are released. The companies spend time and money to create patches, make automatic download of the patches, and STILL people won’t apply them! I can understand some corporate systems being cautious (they usually have other protective programs anyway), but not many companys use “MySpace”. Why people won’t apply the patches is beyond me!
Comment by Raymond J. Combs — 7/21/2006 @ 9:05 pm
I fully agree with them, and the person who was first to comment.
Comment by Rub3X — 7/22/2006 @ 12:00 am
I agree. If you don’t patch your system and still click on ads, you deserve what you get. Maybe you’ll learn next time.
Comment by Paul Masters — 7/22/2006 @ 10:33 am
Good advice — and completely true. It’s asinine to blame MySpace: they’re only one of thousands of sites running the same ad. The bottom line is, it’s foolish to surf without protection. Blaming someone else for your own idiocy isn’t reasonable.
Comment by HeckYeah — 7/23/2006 @ 8:19 pm
I belive it is the users fault also. However I worry about the legit ads and sites trying to “stay afloat” with the income they receive when ads are clicked. Many great freeware projects could lose out.
Comment by Ben — 7/24/2006 @ 4:31 pm
It’s like a person who does not follow a Doctor’s perscription to take three tablets of antibiotics every day. The person doesn’t follow the doctor’s advice and then says it’s the doctor’s fault.
I believe that this is another case of where STUPIDITY IS IT’S OWN REWARD.
Some people are either to lazy to do the right thing and too quick to blame someone else for their own mistakes.
Comment by David Dorey — 7/25/2006 @ 8:11 am
There is something Every One of us can do to help fight this spam issue! Sign up for your Free Knujon.com account. These people collect spam & junk email and send an opt out request to the sender. They have Shutdown several Thousand at last count junk & spam emailers web sites. Lets face it, lets All pull together and fight spam, its not going away until everybody does their part. There is Strength In Numbers
Comment by lanker — 9/28/2006 @ 6:29 am