Hackers eye MySpace users

HACKERS are targeting users of social networking website MySpace using techniques popular with phishing scams. Mass emails sent to MySpace members would contain invitations to add the sender as a friend. When a link in the email is accessed, what seems to be an official MySpace page appears. The user is then asked to download and install the latest version of Adobe’s Flash Player software, which is required to run many of the applications on MySpace. However, the whole exercise is actually a scam, security experts say. Once the program is installed it would allow hackers to remotely take control of the computer, and use to victims PC to distribute more spam.

The attack was first detected by security software company Marshall Software on Wednesday morning in its New Zealand test lab.

Marshall Software vice president (Product) Bradley Anstis said this could be the precursor to more advanced and malicious attacks.

“Once you’ve got the client installed on someone’s machine, because it’s (malware), they have the ability to remotely control that application.

“So it’s quite easy to turn on some keylogging or data mining type application that may actually be built into the malicious code they’ve installed‌ You’ll never really know until they start to open up features inside an application,” Mr Anstis said.

And with a greater number of employees logging onto social networking sites at work, businesses are just as vulnerable as home users.

He said the best protection was educating MySpace users on how to identify dodgy websites and spam email, a view echoed by MySpace Australia’s Director of Safety & Security, Rod Nockles.