Pink Floyd worm spreads on 'Chinese Facebook'
Wish You Weren't Here
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Malware authors have developed a cross-site scripting worm that's spreading across a Chinese social networking website.
The Pinkren-A worm poses as a video clip of Pink Floyd's Wish You Were Here contained in messages sent to users of Renren, the Chinese social networking website with around 40 million members. Selecting these messages results in the execution of malicious JavaScript, further spreading the infection.
"The technique used in this worm exploits a simple XSS hole in the website - with a payload which has a flash component with the AllowScriptAccess=”always” attribute to allow the above “non-malicious” javascript to spread the worm via renren.com’s API," explains Sophos researcher Boris Lau in a blog posting.
Preliminary analysis suggests Pinkren-A simply spreads across the Facebook-like site without doing anything more malicious.
The techniques applied by the worm are similar to those of the Mikeyy worms that spread rapidly across microblogging site Twitter earlier this year and an Orkut worm in 2008. Orkut isn't popular in the US or Europe, but the Google-owned social networking site is big in Brazil and up and coming in India. ®
COMMENTS
I've got one thing to say to this worm
"Welcome to the machine"
Not now John
Gotta compete with the whining Japanese!
Is this icon the Two Suns In The Sunset one??
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
