According to the software giant, attackers send new friend requests to Myspace users, and when these users click on the person’s picture or link it shows a profile page with an overlaid Windows automatic updates pop-up box. This pop-up box is said to look genuine, and when users click on the box the computer will begin to download a Trojan called TFactory.
McAfee claim that the hackers have either discovered a flaw in the MySpace code, or have found a way to take over user accounts, and that the downloads appear to come from Malaysia and the Ukraine. Microsoft and Myspace have been notified, and users are asked to beware of friend requests from people they do not know.
McAfee also used the opportunity to promote its security software, which recognizes and stops the malware, although the majority of security software will do the exact same thing.
Meanwhile, Finjan announced that its Malicious Code Research Center has identified yet another significant new web attack. The company reports that more than 10,000 websites in the US were infected in December by the ‘random js toolkit’. This new Trojan is said to be extremely elusive and sends data from the end user’s machine to the Trojan’s creator. Information sent could include sensitive information such as passwords and surfing habits.