[IP] Super Evil MySpace MalWare Bait

[David Farber <dave@farber.net>]

Begin forwarded message:

From: dewayne@warpspeed.com (Dewayne Hendricks)
Date: October 9, 2007 10:48:21 PM EDT
To: Dewayne-Net Technology List <xyzzy@warpspeed.com>
Subject: [Dewayne-Net] Super Evil MySpace MalWare Bait

[Note:  This item comes from reader Thomas Leavitt.  DLH]

From: Thomas Leavitt <thomas@thomasleavitt.org>
Date: October 9, 2007 7:17:44 PM PDT
To: Dewayne Hendricks <dewayne@warpspeed.com>
Subject: Super Evil MySpace MalWare Bait

I just ran into a fake MySpace profile that aims to trick you into  
downloading a Trojan Horse binary, playing on the fact that this is  
Patch Tuesday.

I almost fell for this, until I wondered why there was only one  
update, and looked at the domain name closely:  
"windowsupdates.microsoftfdserver.cn". AVG also alerted, thankfully.  
I'm a pretty sophisticated user, and I can count on one hand the  
number of times I've been fooled even to this degree. In contrast,  
I'm certain a ton of other less sophisticated people are going to  
fall for this trick, until MySpace gets around to nuking the  
account. ... but they provide no way of notifying them of urgent  
issues like this. Not good. These services need a "back door" for  
sophisticated folks like myself to alert them to major security  
issues. The Web 2.0 world moves too fast to do otherwise.

Image of bait at URL below:

<http://www.thomasleavitt.org/images/evilevilevil.JPG>

Don't visit the actual page listed in the image if you don't have  
realtime A/V protection installed (if you're running Windows).

Thomas


-------------------------------------------