page, and you end up at the exploit site,” said Thompson. Because Keys’ page, like many on MySpace, sports lots of audio and video content, a dialog box requesting that the user install a new ActiveX control or a codec wouldn’t be suspicious, Thompson added. “You’re already expecting a video, aren’t you?” The codec angle, said Thompson, may point to the hackers who recently expanded their attacks from Windows-only to include Trojans targeting Mac owners. The attackers controlling Keys’ page include code that “looks to see what the user agent is, and if it’s Safari, they serve up a Mac Trojan,” said Thompson. The exploit site, which carried a Chinese domain, was offline as of 8:00 p.m. EST. Keys’ MySpace page had been cleansed of the attack script about an hour prior. According to Thompson, the Keys’ page may have been infected as long as five days ago, when users of Exploit Prevention Labs’ LinkScanner Pro exploit blocker began reporting that the software was warning of dangerous content on the MySpace site. Messages left with MySpace seeking comment were not returned.
Since 2005, Singersroom has been the voice of R&B around the world. Connect with us via social media below.View all posts by Singersroom →