A malicious QuickTime movie file is spreading across social networking site MySpace, embedding itself in the user profile pages of infected victims and changing links to point to phishing sites.
The worm, variously dubbed JS/Quickspace or JS/Qspace, uses JavaScript capabilities built into Apple's QuickTime player, together with the design of the MySpace site, to spread when the movie is opened - often merely by visiting a user page carrying the file.
Read the complete story here. (Virus Bulletin)
