MySpace spam seeks botnets

By Dan Kaplan on Jan 18, 2008 4:07PM

Researchers at Marshal, an internet security firm, are tracking a new spam campaign in which recipients receive messages inviting them to join MySpace – but a click on the link leads them to a bogus page containing malware disguised as an Adobe update.

Users who follow the link in the email are directed to a website that appears to be a legitimate MySpace profile, Glen Myers, an engineer at Marshal, told SCMagazineUS.com today.

However, the victim is informed they need to update their Adobe Flash Player to properly view content on the page, he said. Installing the update actually downloads malware onto the user's PC and forces the infected machine to join a botnet.

Then, almost immediately, the zombie computer starts sending similar emails, in addition to phishing messages, targeting a major U.S. bank, according to Marshal.

Myers said these types of social engineering attacks are particularly effective because they are attempting to exploit the Web 2.0 mindset.

“The user is willing because they are used to this paradigm where it's someone they know and they posted this content,” he said.

Businesses must either decide if they want to ban access to sites such as MySpace or YouTube, or control it through policies and technology, Myers said. Preferably, organizations should cater to their employee and “create a culture where they want to come to work.”

Web content filtering solutions would help, he said.

Got a news tip for our journalists? Share it with us anonymously here.

Tags:

Palo Alto Networks alerted to DoS vulnerability in routers

US puts million-dollar bounty on Russian ransomware raiders

Cloud shift helps QBE modernise tech estate

NBN Co proposes to axe CVC across all plans by mid-2026

Victoria takes covers off digital twin

MySpace spam seeks botnets

Researchers at Marshal, an internet security firm, are tracking a new spam campaign in which recipients receive messages inviting them to join MySpace – but a click on the link leads them to a bogus page containing malware disguised as an Adobe update.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

NSW Police dumps Bezos-backed Mark43 from core systems overhaul

Australian court finds insurer not liable for ransomware clean-up costs

NBN Co proposes to axe CVC across all plans by mid-2026

Wesfarmers to stand up offensive cyber security capabilities

Digital Nation

Most popular tech stories

Case Study: Hydro Tasmania undergoes infrastructure modernisation program

COVER STORY: Multiple cloud models make security more complex

COVER STORY: What happens when Google changes its algorithm?

Metaverse Minutes: What are gas fees?

A billion dollars worth of connected TV ads wasted. The TV was turned off

Partners join Ingram Micro, Vertiv for cooking lessons

Bidding war to acquire MOQ Limited rages between Atturra, Brennan IT

Servers Australia discloses "malicious activity" impacting some Sydney services

Accenture, Deloitte, TCS top Gartner's cloud IT transformation providers list

Reserve Bank of Australia launches digital currency project

Right to repair: Large scale IT buyers can influence product design... and they should

Five minimum features needed in your choice of a business laptop

Building a modern workplace for a remote workforce

Venom BlackBook Zero 15 Phantom

How long will a UPS keep your computers on if the lights go out?

Photos: Australian industry comes together to explore IoT opportunities

IoT Explained: What is the Internet of Things in Australia (June 2022)

Why LoRaWAN is ideal for water network management

Giving water utilities IoT technology "freedom"

How Tassal created the internet of salmon

Palo Alto Networks alerted to DoS vulnerability in routers

US puts million-dollar bounty on Russian ransomware raiders

Cloud shift helps QBE modernise tech estate

NBN Co proposes to axe CVC across all plans by mid-2026

Victoria takes covers off digital twin

MySpace spam seeks botnets

Researchers at Marshal, an internet security firm, are tracking a new spam campaign in which recipients receive messages inviting them to join MySpace – but a click on the link leads them to a bogus page containing malware disguised as an Adobe update.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

NSW Police dumps Bezos-backed Mark43 from core systems overhaul

Australian court finds insurer not liable for ransomware clean-up costs

NBN Co proposes to axe CVC across all plans by mid-2026

Wesfarmers to stand up offensive cyber security capabilities

Digital Nation

Most popular tech stories

Case Study: Hydro Tasmania undergoes infrastructure modernisation program

COVER STORY: Multiple cloud models make security more complex

COVER STORY: What happens when Google changes its algorithm?

Metaverse Minutes: What are gas fees?

A billion dollars worth of connected TV ads wasted. The TV was turned off

Partners join Ingram Micro, Vertiv for cooking lessons

Bidding war to acquire MOQ Limited rages between Atturra, Brennan IT

Servers Australia discloses "malicious activity" impacting some Sydney services

Accenture, Deloitte, TCS top Gartner's cloud IT transformation providers list

Reserve Bank of Australia launches digital currency project

Right to repair: Large scale IT buyers can influence product design... and they should

Five minimum features needed in your choice of a business laptop

Building a modern workplace for a remote workforce

Venom BlackBook Zero 15 Phantom

How long will a UPS keep your computers on if the lights go out?

Photos: Australian industry comes together to explore IoT opportunities

IoT Explained: What is the Internet of Things in Australia (June 2022)

Why LoRaWAN is ideal for water network management

Giving water utilities IoT technology "freedom"

How Tassal created the internet of salmon

Log In