In this section

• Home
• Press office
• News archive
• Articles
• 2007
• 03

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• SophosLabs blog
• Graham Cluley's blog
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Info feeds

• Security news
• Company news

• Security news
• Company news

What are info feeds?

20 March 2007

MySpace malware could steal information from web users Companies advised to enforce policies over access to social networking websites

IT security and control firm Sophos has advised companies to set policies over which websites users can visit during work hours, following the discovery of more malicious code posted on the MySpace social networking website.

The SpaceStalk spyware Trojan horse has been discovered embedded in a QuickTime movie on the MySpace page of MAMASAID, a French rock band. The Javascript code downloads further malicious code from the net designed to steal information.

A malicious script has been found on the French rock band's MySpace page.

"MySpace is phenomenally popular - but sadly not just with teenagers trying to keep in touch and internet-savvy pop groups. Hackers are also interested in stealing information from MySpace users," said Graham Cluley, senior technology consultant for Sophos. "Companies are becoming concerned that workers are visiting social networking websites, not just because it can distract from real work - but also because it may introduce malware into the workplace."

Sophos customers have been automatically protected against the SpaceStalk malware since 15:02 GMT on 16 March 2007. Users of Sophos's WS1000 Web Security Appliance can set policies over which websites are acceptable to access during the working day.

Sophos continues to recommend that all organizations protect their email with an integrated security solution to thwart spam, spyware and malware threats.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

See also:

• Spam campaign attempts to phish from MySpace music fans
• New York man arrested in MySpace spam case
• Sophos products - protecting your business from internet threats