MySpace page sends fake XP update

McAfee Avert Labs announced Friday a Trojan horse attack disguised as a Microsoft update on a particular MySpace profile.

Attackers send friend requests to the victim MySpace users. Clicking on the person’s picture or name link loads a profile page with what looks like a legitimate Windows Automatic Updates pop-up box. When the user clicks the pop-up, it results in a request for a file download masked as a Microsoft update called “updateKB890830.exe” from a server that includes “winxpupdate.Microsoft” in its name.”

“The file in actuality is a true malware cocktail,” McAfee said. “If installed and run it downloads programs from multiple servers that in turn download more malware in addition to Trojans, and a remote control tool.”

Initially, McAfee thought the download files look to be from China, but its Avert Labs determined the origin of the IP address belonging to an ISP in Malaysia and further downloads directed from the Ukraine.

The malicious MySpace profile is still live, McAfee said late Friday. MySpace and Microsoft have both been notified. Users should beware of friend requests from people they don’t know and be cautious when surfing MySpace profiles.

Blast is The Online Magazine

In Computers, Technology on January 11, 2008 at 19:00

One Response to “MySpace page sends fake XP update”

  1. MySpace page sends fake XP update on January 11th, 2008 7:29 pm

    [...] post by Blast Magazine Newsroom Similar Posts Keyword News: [facebook] Update MySpace Update - Rob and Beth Frost Bite News [...]

Got something to say?





Note: This post is over 10 months old. You may want to check later on in Blast to see if there is new information relevant to your comment.

Creative Commons License Valid XHTML 1.0 Transitional

Blast is the Online Magazine