UPDATED 12/2/06 - IMPORTANT: MySpace Hack Found Last Night

[brad]

Ok.. just cleaned up my profile space... the navbar hack was in the "about me" section... I also had a new entry in the "Movies" section (a section that was blank for me)..

nasty little ****er

[AndrewCCM]

Here is more info... Basically, you are infected by Apple Quicktime movie that is embedded. You'll need to look for a .MOV URL embedded in your profile as well or you'll continue to get infected by it..
----------------------------------

MySpace QuickTime Worm (NEW)
Published: 2006-12-02,
Last Updated: 2006-12-02 19:04:45 UTC by Koon Tan (Version: 1)

Juha-Matti has sent us some information regarding malicious codes spreading on MySpace network using Javascript support within Apple's embedded QuickTime player. Websense has also confirmed this.

Extracted from Websense writeup:

Once a user's MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways. The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well.

An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, or both.

More details:
http://www.websense.com/securitylabs...hp?AlertID=708
http://www.neowin.net/index.php?act=view&id=36299
http://www.neowin.net/forum/index.php?showtopic=517166

[Citex]

Wow I had that link in my "movies" part of my profile too. Thanks for info.

[MarcoFromHouston]

I just cleaned my profile. Thanks for the info. Found the extra stuff in the About Me & Movies sections.

I checked my friends.... only 1 other was infected.