Advertisement
Promo

Security threats Toolkit

MySpace hit by security breach

Tom Espiner ZDNet.co.uk

Published: 21 Jul 2006 17:30 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Over a million MySpace users have been exposed to spyware that exploits a Windows vulnerability through a banner ad on the site, the BBC reported on Friday.

Those using Internet Explorer that has not been patched against the Windows Meta File (WMF) vulnerability could be exposed to spyware and adware.

The vulnerability in the way WMF images are handled by Windows was discovered in November 2005. In a WMF attack, exploit code is hidden within a seemingly normal image that can be spread via emails or instant messages, or via Web sites.

Reports suggest the advert has been running for approximately a week.

Security firm iDefense detected computer servers being used to log how many times adware was installed from the advert, according to the Washington Post.

Over one million installations of the adware were logged before the servers were shut down.

"This is a criminal act," said Hemanshu Nigam, MySpace chief security officer, according to reports. "This ad is being delivered by ad networks who distribute these ads to over a thousand sites across the Internet in addition to ours."

"We are working to have these ad networks remove this ad so that they do not appear on our site," Nigam said.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
198 out of 274 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

2 comments

  1. Anyone using MSIE needs to switch to Firefox or Mo... Oldator
  2. I would look at Michael Baker and BAKERMEDIA! Anonymous

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:




Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Official Organizations Losing Data

How does this article from earlier today make you feel? How many more government, health service, or military officials are going to lose pen drives, DVDs, USB hard disks and even entire... More

2 comments

Twitter hack was DNS redirect

Twitter has said an attack on Thursday which took the site offline for many users was the result of a DNS redirect. A group calling itself the Iranian Cyber Army redirected users... More

1 comment

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Win a BlackBerry with Vlingo voice recognition

Win a BlackBerry with Vlingo voice recognition

What is ZDNet UK's usual tagline?

Competition closes - 14 Jan 2010


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters