New MySpace flash-based worm
There’s a new MySpace worm, using flash and javascript. Code and technical explanation. What does it do in a few words?
When you visit an infected page, there is a “redirect.swf” embedded, which opens a blog url. On that blog post there is another swf file, called “retrievecookie.swf”. This pulls another blog post and manipulates it’s text to get around the code filters.
Leave a Reply