Scenario: A MySpace user receives a message that another user would like to show them their profile. Usually, this leads the unsuspecting user to another page that asks the user to "click here" to download the MySpace Viewer. Thinking this is a trusted piece of software, the unsuspecting user then clicks on the link and downloads the software. The creators of the old exploit have decided to mix things up a little because here we have their latest piece of social engineering (at least, we're assuming it's made by the same people because it follows the methods and techniques used with the Adult Content Viewer; plus the name is almost identical, which is a bit of a giveaway) -- the "Free Myspace Viewer." Visit a fake profile carrying this thing and you'll see this appear on your screen.

Note how they tell you the content is "securely protected" because there's nothing like making you think your rogue install is actually some sort of security feature! At this point, depending on the fake profile, you may or may not see the image below appear when you click the popup. It's an image verification screen -- another nice piece of trickery designed to lure inexperienced users in. Before you ask, yes, the code generated really is random every time. It's a fully functional (if slightly pointless) Captcha. Someone's put a little effort into this one.

Eventually, you'll download the application, run it, and....a fake video codec is your reward, of the Zlob Variety strain.  Needless to say, you really don't want one of these trojans installed on your PC because of the variety of not-so-wonderful programs they've been known to install, the terrible damage they can do to your computer, and finally any one of a number of completely fake "security programs they install."

The domain details for the site the installer downloads from is listed as Ukranian, and the hosts? Estdomains, who (amazingly enough) provide the hosting for many of the programs installed by this nasty virus.

I know from past experience with these kinds of Myspace hijacks that the payload will often change daily, so you can never quite be sure what you're going to end up with. At the end of the day, if you are not a programmer or network guru, do yourself a favor and steer clear of MySpace!

Note: A buddy was concerned about this trojan. He asked me to look at this software. I installed this software and ran it on a host machine and found the following running (on Windows obviously).

- bpmini.exe
- bpmon.exe

*/ Usually those files are located in:

C:\Program Files\Image AX Object

C:\Program Files\Protection Tools   
C:\Program Files\Image AX Object
C:\Program Files\Protection Tools

It had also placed 348 malware registry entries, not to mention it also infected the System Restore files. Nasty business this one is! 

You can get rid of this trojan by downloading.

After downloading and running SmitFraudFix, run a full virus scan.

If you have any questions, you can always contact me here. 

* Talk to your kids about why they use MySpace, how they communicate with others and how they represent themselves on MySpace.

* Kids shouldn't lie about how old they are. MySpace members must be 14 years of age or older. We take extra precautions to protect our younger members and we are not able to do so if they do not identify themselves as such. MySpace will delete users whom we find to be younger than 14, or those misrepresenting their age.

* MySpace is a public space. Members shouldn't post anything they wouldn't want the world to know (e.g., phone number, address, IM screen name, or specific whereabouts). Tell your children they should avoid posting anything that would make it easy for a stranger to find them, such as their local hangouts.

* Remind them not to post anything that could embarrass them later or expose them to danger. Although MySpace is public, teens sometimes think that adults can't see what they post. Tell them that they shouldn't post photos or info they wouldn't want adults to see.

* People aren't always who they say they are. Ask your children to be careful about adding strangers to their friends list. It's fun to connect with new MySpace friends from all over the world, but members should be cautious when communicating with people they don't know. They should talk to you if they want to meet an online friend in person, and if you think it's safe, any meeting should take place in public and with friends or a trusted adult present.

* Harassment, hate speech and inappropriate content should be reported. If your kids encounter inappropriate behavior, let them know that they can let you know, or they should report it to MySpace or the authorities.

    * Don’t get hooked by a phishing scam.  Phishing is a method used by fraudsters to try to get your personal information, such as your username and password, by pretending to be a site you trust. Click here to learn more.

* Talk to your kids about why they use MySpace, how they communicate with others and how they represent themselves on MySpace.

* Kids shouldn't lie about how old they are. MySpace members must be 14 years of age or older. We take extra precautions to protect our younger members and we are not able to do so if they do not identify themselves as such. MySpace will delete users whom we find to be younger than 14, or those misrepresenting their age.

* MySpace is a public space. Members shouldn't post anything they wouldn't want the world to know (e.g., phone number, address, IM screen name, or specific whereabouts). Tell your children they should avoid posting anything that would make it easy for a stranger to find them, such as their local hangouts.

* Remind them not to post anything that could embarrass them later or expose them to danger. Although MySpace is public, teens sometimes think that adults can't see what they post. Tell them that they shouldn't post photos or info they wouldn't want adults to see.

* People aren't always who they say they are. Ask your children to be careful about adding strangers to their friends list. It's fun to connect with new MySpace friends from all over the world, but members should be cautious when communicating with people they don't know. They should talk to you if they want to meet an online friend in person, and if you think it's safe, any meeting should take place in public and with friends or a trusted adult present.

* Harassment, hate speech and inappropriate content should be reported. If your kids encounter inappropriate behavior, let them know that they can let you know, or they should report it to MySpace or the authorities.

* Don’t get hooked by a phishing scam.  Phishing is a method used by fraudsters to try to get your personal information, such as your username and password, by pretending to be a site you trust. Click here to learn more.