Pink Floyd worm spreads on 'Chinese Facebook'
PrintWish You Weren't Here
Posted in Malware, 25th August 2009 11:39 GMT
Free whitepaper – Airport insecurity: the case of lost laptops
Malware authors have developed a cross-site scripting worm that's spreading across a Chinese social networking website.
The Pinkren-A worm poses as a video clip of Pink Floyd's Wish You Were Here contained in messages sent to users of Renren, the Chinese social networking website with around 40 million members. Selecting these messages results in the execution of malicious JavaScript, further spreading the infection.
"The technique used in this worm exploits a simple XSS hole in the website - with a payload which has a flash component with the AllowScriptAccess=”always” attribute to allow the above “non-malicious” javascript to spread the worm via renren.com’s API," explains Sophos researcher Boris Lau in a blog posting.
Preliminary analysis suggests Pinkren-A simply spreads across the Facebook-like site without doing anything more malicious.
The techniques applied by the worm are similar to those of the Mikeyy worms that spread rapidly across microblogging site Twitter earlier this year and an Orkut worm in 2008. Orkut isn't popular in the US or Europe, but the Google-owned social networking site is big in Brazil and up and coming in India. ®
Optimizing the data center for cost and efficiency
Out-of-box comparison between Dell, HP, and IBM blade servers
Systems management simplified
Total cost of ownership of Dell, HP and IBM blade solutions
SharePoint Server 2007 Server Farm Use Case