MySpace.com pages have fallen foul of another piece of malware, according to web security firm Websense.

A hacker has posted a video on MySpace that apparently changes people's profiles as it's being played in order to launch a phishing attack.

The QuickTime file exploits a vulnerability in MySpace and one in JavaScript within the QuickTime application.

Once played, the video embeds itself into the victim's MySpace page, and rigs all the links from the page to phishing websites in order to get people to enter their MySpace login details. Websense warns that if a page is infected with the video virus, it will most likely have a blue navigation bar, and link to fraudulent websites.

Victims are reporting that the malicious code runs whether being viewed by Internet Explorer or Firefox.