NationStates Jolt Archive


MySpace ad downloads spyware

Sel Appa
21-07-2006, 20:32
Hahahahaha! You suck MySpace users!

Source (http://news.yahoo.com/s/nf/20060721/tc_nf/44765)

A banner advertisement posted on the MySpace Web site may have infected more than one million users with adware, according to security firm iDefense. The advertisement was included in user profiles on MySpace and could have been operating for about one week.

The deckoutyourdeck.com advertisement exploited a flaw in the way Microsoft's Internet Explorer (IE) browser handles Windows Metafile (WMF) image files. Users running unpatched versions of IE would never have realized that the banner ad had silently installed programs that generate pop-up ads on their system.

"This is a criminal act," said Hemanshu Nigam, chief security office at MySpace, in a statement to The Washington Post. "This ad is being delivered by ad networks who distribute these ads to over a thousand sites across the Internet in addition to ours. We are working to have these ad networks remove this ad so that they do not appear on our site."

Banner Patch

An iDefense spyware analyst, Michael La Pilla, told the Post that he discovered the attack on Sunday as he browsed the MySpace site. When he came across a page with the offending ad, he received a message from his browser asking him if he wanted to open a file named exp.wmf.

After a brief investigation, La Pilla found out that the spyware installation program contacted a Russian-language Web server in Turkey that tracks the PCs on which the program has been installed. The tally had climbed to 1.07 million machines, though La Pilla said the seven Internet addresses contacted by the downloader seem to be inactive now.

According to La Pilla, the ad also attemted to infect users of Webshots.com, a photo-sharing site. Though he cannot pinpoint the date the ads began sending out their spyware, it is believed that it coincided with the occurrence on MySpace on July 12.

The WMF vulnerability was originally discovered last December after hackers exploited the flaw using a specially created WMF image distributed via e-mail, instant message links, and Web sites. When users opened the image, the hacker could take control of the infected PC. Microsoft released a patch for the bug back in January, but many people did not install the patch.

PCs with unpatched systems can become infected simply by accessing a Web page with the deckoutyourdeck.com ad. The exp.wmf Trojan horse program could upload automatically without the warning prompt that La Pilla received.

Once installed, PCs running the Trojan horse will contact multiple Web sites and download a slew of unwanted programs such as PurityScan advertising software. PurityScan is an adware program that can cause pop-up windows containing unsolicited ads to appear. The application also keeps track of the user's online activity.

Two Wrongs

Rob Ayoub, an analyst at the research firm Frost & Sullivan, said two facts stand out regarding the MySpace infections. First, home users are clearly not as educated about the need to make sure they have up-to-date patches and other security fixes installed. Second, MySpace needs to have a better security system to identify dangers hidden in the ads they serve.

If you are a legitimate business with a legitimate Web site hosting banner ads, you have a responsibility to keep the service clean, Ayoub said. "MySpace has some problems and this is a real blunder on their part. I can't believe any business would not scan or take more caution with banner ads posted on their sites. Ad network or not, there is no excuse for them not having a checking system."

One million people is a very large number, Ayoub said, and it demonstrates that the technology industry, and security firms and software makers in particular, might not have done enough to impress upon home users the importance of downloading patches. PCs that have not been updated exponentially increase problems with viruses, spyware and adware.

"MySpace should have been checking and users should have been patching," Ayoub said. "And because of that combination you have a million downloads."

Some PC users have said their reluctance to install patches and updates centers around the fear that any changes will negatively impact their computers. However, Ayoub pointed out, unwanted changes or problems with updates is relatively rare these days.

"There was a time when you had to watch and be very careful with your patches," Ayoub said. "And some of the big ones are a problem, but there haven't been big problems with patches for ages."

Home users, Ayoub predicted, will not start to take security seriously until Internet service providers start to make antivirus and antispyware software compulsory. That may or may not be the best solution, he said, but incidents like this are a "perfect storm" for users not protecting themselves.

"That's extremely dangerous," Ayoub said. "Maybe what we need to do is run public service announcements."

MySpace is "strongly" urging all Internet users to "follow basic Internet security practices such as running the latest version of the Windows operating system, installing the latest security patches, and running the latest anti-spyware and anti-adware software."
Baguetten
21-07-2006, 20:36
Hahahahaha! You suck MySpace users!

I am forced to second this and quote it for truth, even if being an NS user isn't exactly all that much better...
Tactical Grace
21-07-2006, 20:37
Serves 'em right, for being emo and not having a blocker.
Khadgar
21-07-2006, 20:39
1)Use Firefox
2)Use Adblock plugin
3)Use NoScript plugin
4)Enjoy internet with no adware or spyware installs!
Kinda Sensible people
21-07-2006, 20:39
Heh.. Betcha the popups were all for razors.
Franberry
21-07-2006, 20:42
Death to myspace!
Khadgar
21-07-2006, 20:42
I am forced to second this and quote it for truth, even if being an NS user isn't exactly all that much better...

A healthy interest in political discussion is hardly the same as angsting on a website about how your mommy and daddy hate you because they won't buy you a new iPod for your collection of stolen Yellowcard and Linkin Park mp3s.
Deep Kimchi
21-07-2006, 20:44
1)Use Firefox
2)Use Adblock plugin
3)Use NoScript plugin
4)Enjoy internet with no adware or spyware installs!

Can I get an Amen?
Hydesland
21-07-2006, 20:46
1)Use Firefox
2)Use Adblock plugin
3)Use NoScript plugin
4)Enjoy internet with no adware or spyware installs!

I used to use firefox and i found it much slower and less user freindly then I.E explorer. Am i the first person to ever use firefox and not like it?
Deep Kimchi
21-07-2006, 20:47
I used to use firefox and i found it much slower and less user freindly then I.E explorer. Am i the first person to ever use firefox and not like it?

Probably.
Hydesland
21-07-2006, 20:48
Probably.

Ah well, i still have firefox installed and use it occasionly if a site isn't working in I.E.
I V Stalin
21-07-2006, 20:50
I used to use firefox and i found it much slower and less user freindly then I.E explorer. Am i the first person to ever use firefox and not like it?
Probably not, but there are probably far more people who switched from IE to Firefox because they didn't like the former than made the opposite switch because they didn't like the latter.
Baguetten
21-07-2006, 20:52
Opera ftw.
Chellis
21-07-2006, 20:52
A healthy interest in political discussion is hardly the same as angsting on a website about how your mommy and daddy hate you because they won't buy you a new iPod for your collection of stolen Yellowcard and Linkin Park mp3s.

Yes, this is the 100% essence of Myspace.

Just like someone of the opposite belief could say "Wanting to be able to easily communicate with your real friends, etc, is hardly the same as a place with people who don't have real friends, whining about why they can't get girlfriends or boyfriends, and politics. Who the hell cares about politics?"

We get stupid people in Nationstates. We get stupid people on Myspace(though we probably doesn't account for some of you). But don't generalize. I mostly use myspace to easily talk to my friends. Its alot easier to play myspace tag than phone tag.

Its also good for meeting people.

I can't say NS has really helped me much in everyday life, while myspace has.
Franberry
21-07-2006, 20:53
I used to use firefox and i found it much slower and less user freindly then I.E explorer. Am i the first person to ever use firefox and not like it?
I suggest you go have your head examined
Baguetten
21-07-2006, 20:53
A healthy interest in political discussion is hardly the same as angsting on a website about how your mommy and daddy hate you because they won't buy you a new iPod for your collection of stolen Yellowcard and Linkin Park mp3s.

Yes, you just keep telling yourself that.
Deep Kimchi
21-07-2006, 20:54
The other plugin that speeds up Firefox is Fasterfox.

I've noticed a small bit of speedup using Google Accelerator as well.

It's much better than using IE for an hour, and having your whole machine slow down with innumerable popups and spyware, and then spending three days trying to reboot in safe mode (over and over again) cleaning the mess.
H4ck5
21-07-2006, 20:54
Myspace has political discussions. Many infact.
Baguetten
21-07-2006, 20:56
The other plugin that speeds up Firefox is Fasterfox.

A better name for it should be "Server Rapist," because that's basically what it does.
Deep Kimchi
21-07-2006, 20:58
A better name for it should be "Server Rapist," because that's basically what it does.

Sorry to hear you're not using it. What do I have a 6 MB/sec connection for, if not to fill the bandwidth?
Baguetten
21-07-2006, 23:06
Sorry to hear you're not using it. What do I have a 6 MB/sec connection for, if not to fill the bandwidth?

It's not just your bandwidth that is affected - the servers you are hitting do take a hit, and not only in bandwidth but also in processing your request, which you force/trick them to do faster and before that of others.

It pisses a lot of administrators off, and many have started punishing clients who use such methods.