Social networking site MySpace is facing an ongoing attack as a new worm is turning users' websites and computers into hosts for serving phishing scams and computer viruses.
According to reports, last week some MySpace pages were seeded with computer code seeking to exploit one of the three recently-patched security holes in Microsoft Windows and Internet Explorer. MySpace users who browsed one of these pages were redirected to a fake MySpace login page aiming to steal the visitor's MySpace user name and password.
Experts says the catch here is that if the user's computer didn't have up-to-date Microsoft patches, programs would secretly be installed linking the victim's machine into a network of several hundred infected PCs used to host other phishing sites or serve additional malicious software.
Reports show that the issue hasn't yet been addressed and that this type of Web 2.0 worm is anticipated to be a favorite method of attack for some time.
Source: The WHIR News