MySpace ads for “Deck Out Your Deck” (DeckOutYourDeck.com) have become a vector for spyware, infecting millions of users with the PurityScan and ClickSpring spyware trojans. The spyware then contacts a Russian server based in Turkey and reports on the installation of the spyware, and floods the user’s machine with pop-up ads.
Discovered just yesterday, the trojan-infested DeckOutYourSpace.com ads have infected MySpace visitors by taking advantage of a known security hole in Internet Explorer related to how IE handles WMF (Windows Metafile) files.
Microsoft had released a patch for the WMF vulnerability earlier this year, but not everyone is as diligent about applying security patches and fixes as they should be (let’s hope you aren’t one of them!)
MySpace, while decrying the DeckOutYourDeck.com infestation as criminal, has put the responsibility squarely on the victims. Said MySpace’s security officer, Hemanshu Nigam:
“This is a criminal act. This ad is being delivered by ad networks who distribute these ads to over a thousand sites across the Internet in addition to ours. We are working to have these ad networks remove this ad so that they do not appear on our site. At the same time we strongly urge all Internet users to follow basic Internet security practices such as running the latest version of the Windows operating system, installing the latest Windows security patches, and running the latest anti-spyware and anti-adware software. If users have applied the simple patch available from Microsoft.com, they will not be vulnerable to this criminal act.”
|Pssst! Get notified of new TIP articles here:|
In otherwords, even though our system was infected and is the vector for this trojan spyware, if you had patched, you wouldn’t have been affected.
Good advice, or blaming the victim?
(Hey! Please let us know if you liked this article by leaving us a comment!)
You might also like some of our other articles: