Articles
Blogs
Kits
ForumsA news has been released about a malware in a MySpace webpage.
The webpage is promoting a French band and it uses a Quicktime flaw to run a JavaScript.
The procedure is that first, an invisible Quicktime video is applied on the webpage. Second, a JavaScript in the video downloads another JavaScript and that second script becomes a spyware when it is executed.
The person who is credited on finding this flaw is Didier Stevens.
Stevens said that McAfee was the only company among antivirus companies which detected the flaw. McAfee flags the first script as JS/SpaceTalk Trojan.
Source: The Register
