Chinese social network hit by Pink Floyd video worm

Chinese social network hit by Pink Floyd video worm

Sophos’s recent Security Threat Report highlighted the growing number of attacks we are seeing via social networks such as Facebook and Twitter. In fact, 21.2% of those polled said that they had been on the sharp end of malware spread via a social networking site.

One thing that is sometimes forgotten, however, is that it’s not just world famous social networking sites which can be exploited by cybercriminals. There are plenty of Facebook “clones” (for want of a better word) that have sprung up in countries around the world and have strong local followings.

One such social networking website is Renren, formerly known as Xiaonei Network, which is extremely popular in China with some 40 million registered users (making it more successful than Facebook in the country).

Sign up to our free newsletter.
Security news, advice, and tips.

Boris Lau, one of the analysts in Sophos’s labs, has blogged about a XSS (cross-site scripting) worm that has spread via user profiles on Renren, posing as a video of Pink Floyd’s classic song “Wish you were here”.

Renren Pink Floyd message

Clicking on the message results in a malicious JavaScript being run on your computer which in turn helps the malware spread further across the social networking site. Sophos detects the worm as W32/Pinkren-A.

(By the way, the Yupoo.com site advertised in the image above is a popular photo-sharing site in China).

XSS vulnerabiliies are nothing new to social networking sites of course, and can be a highly effective way to spread malware quickly.. For instance, earlier this year we saw the Mikeyy worms spread rapidly through Twitter.

So, don’t forget, if you’re really keen to watch a video of Pink Floyd’s classic golden oldie “Wish you were here”, your best bet might be to buy a concert DVD or do a quick search on YouTube:

Pink Floyd - Wish You Were Here


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.