A Revolution is the Solution
incredibly... bad.
One thing - I see myspace browsed like heck in teen areas at libraries, it makes me cringe to think what must be on those machines - let me see, Zango of course 
, there was a WMF exploit up on myspace a while back, and at a certain library all of the machines have Movieland(link to consumeraffairs.com) on them...
Hopefully the libary IT staff are not such idiots that they let patrons use Admin or Power-User accounts. This is what they'll get from a Limited or Restricted-User account: http://www.mechbgon.com/nice_try.gif
On WinXP Pro using a disallowed-by-default Software Restriction Policy, the user of a Limited or Restricted-User account would also be arbitrarily prevented from executing the installation file from anyplace their account has the ability to save it to.
And if the library has decent, properly-configured antivirus software, there'd be no file to attempt to execute, because good antivirus software would nuke a Zango installer as soon as the download completed.
Layered defense, anyone?
http://www.macfixit.com/
article....061204120934568
For those of you on MySpace who need a solution, I posted a video tutorial on my blog. LoLo (aka Burnt Pickle) has been very helpful in identifying the worm and has placed a link to my tutorial on his blog. I will be releasing future blog tutorials in an effort to keep you informed of how to keep clean and have fun, while avoiding the mal's of the Internet. I would also like to thank Paperghost for his efforts to publicize and inform us all.
Hey thanks
I'd like to thank LoLo for his assistance with getting the word out on this - he played a huge part in helping me nab some of the files and also passing on some of the phish domains. It's highly likely the security community wouldn't have jumped on this so quickly if he hadn't brought it to everyone's attention!
Oh Wow Its a Case of Join MySpace, Or How to Ruin your PC in one easy lesson another one would be, Do you want Some Phish with those Chips
....................
Whens it going to Stop :-(
It stops when the FTC fines come more in line with profit. One of the primary problems that seems to reoccur, is a company gets fined...for...
3 million, for practices that earn them...say, ten million.
The way to stop these things from happening is for the FTC to step up fines to something much more inline to detract from such methods, even if they jeopordize the "business".
One or two companies get fined thirty or fourty million for infecting 50,000 or so machines, there will be a quick change in policy, across the board for every affiliate program.
Aquias i agree with you thats what it will take,But will they do it ?? Not on your life we are Talking about people who Buy Goverment Opinion
they will continue until shut down forever....
I agree Milli, the only way such a fine will occur is if there is a massive, sustained public outcry. Or these installs get bad enough to jeopordize other areas of profit for large corporations, where they begin to exert pressure on the FTC and other organizations to up the tempo against this style of install/attack.
Commenting by HaloScan
