Myspace Malware

Well, it is the weekend. In the last few months, I have started to notice an increase in fake friend requests and other Myspace scam crap on Saturdays. I guess these evil doers have normal jobs, like the rest of us.

Anyways, today I noticed the following friend request.



Clearly this a scam, so I decided to look into it a bit more. I clicked thru to the profile, knowing that I might have to take evasive actions if faced with spyware/malware.

Surprise, Surprise. Looks like I need the famous "MS Viewer".



I grabbed the link URL and threw it into WGET. After a short redirect, I was pushed to Myspace.php



I then renamed the PHP file into a TXT so I could get a look into it. Opening it up in Notepad shows that we are dealing with a UPX packed file.



Running this fie thru Virustotal.com did not fare well for those products out in the market.



Moral of the Story - Social sites can be dangerous, so use protection when you click.