(Net-Worm.JS.Spacehero.a, JS.Spacehero, JS/Spacehero.A worm, JS/Spacehero.A, JS/Spacehero.A!worm, Script.Spacehero.A, JS/Hero.A)
While browsing on myspace.com in the list of heroes that belongs to the Interest section, a new entry is added : "but most of all, samy is my hero."
Please let BitDefender disinfect your files.
Daniel Chipiristeanu, virus researcher
The worm uses XSS
) to propagate itself on the myspace
social networking website (www.myspace.com
It approaches different techniques to avoid the security system of the website, building its own code, in order to circumvent the already fixed vulnerabilities in the website. After that, the worm adds a specific profile to the friends page of the infected profile and puts its own code in the list of heroes
that belongs to the Interest
section, accompanied by a new entry : "but most of all, samy is my hero.
". Considering this, when another user visited the infected profile, it would get infected too; this helped the worm become one of the fastest-spreading worms on the Internet.
At the time of analysis, MySpace fixed its security issue and the worm isn't active anymore.