MySpace page laced with fake Microsoft update

Share this article:

McAfee researchers are warning of a new MySpace phishing campaign in which users receive "friend" requests that attempt to infect them with assorted malware disguised as a Microsoft update.

Users who click on the profile of the person trying to befriend them are lead to the individual's page, which is overlaid with a real-looking Windows pop-up box promising automatic Windows updates, McAfee Avert Labs researcher Tad Heppner wrote today on the company blog.

Clicking on that box prompts an executable window requesting users to install the updates - specifically the Microsoft Malware Removal Tool (MSRT) - but it actually leads to "a true malware cocktail," he said. That includes a mixture of trojans, tools that permit remote control of the infected PC and other malware.

Researchers traced the IP address back to an internet service provider in Malaysia.

"Users should beware of friend requests from people they don't know and be cautious when surfing MySpace profiles," Heppner said. "Responsible browsing practices are advised."

Bill Sisk, security response communications manager for Microsoft, told SCMagazineUS.com in an email Monday that it was investigating public reports of the scam and that users should know that the MSRT is only available through Windows or Microsoft updates.

"Users should exercise caution with requests received from unknown sources, or received unexpectedly from known sources," he said.

This is not the first time spoofed Microsoft updates have been circulated in an attempt to drop malicious code on users' machines.

In June, experts said an email claiming to include a cumulative security update for Internet Explorer made the rounds, except it included a link to a malicious executable file on a remote server, which installs a browser add-on to the vicitm's PC.

A MySpace spokeswoman did not return a request for comment.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.