5 Comments

Summary:

Roger Thompson of Exploit Prevention Labs has discovered multiple hacked MySpace pages – most prominently MySpace’s #4 most popular major music artist Alicia Keys. The way the hack works is that when you visit the infected page, you are hit by an exploit (which installs malware) […]

Roger Thompson of Exploit Prevention Labs has discovered multiple hacked MySpace pages – most prominently MySpace’s #4 most popular major music artist Alicia Keys.

The way the hack works is that when you visit the infected page, you are hit by an exploit (which installs malware) and next they’re presented with a Fake Codec which tells them they need to install a codec to view the video. So even if they’re patched, they can fall victim to the exploit. The HTML in the page contains some kind of an image map, and if you can click on anything over a wide area on the page and your click is directed to the malicious hyperlink.

You’re subscribed! If you like, you can update your settings

  1. Myspace has to sort this out quickly. If world spread that their sites were not save some major artists could move away which would result in a major traffic drop.

  2. Not surprising, but still shocking.

    I have noticed a trend in my area of MySpace users having to “start over” by creating a new account, since their old ones were tainted by hackers, and there was nothing MySpace could do to fix it.

    These users returned despite suffering a major inconvenience. No doubt Myspace enjoys a lock-in effect due to the size of its network.

    But they better not take the situation for granted. Here’s why:

    The other component to Myspace’s lock-in effect is the time and effort users put into their profiles, as well as the information stored in their accounts. As soon as users are forced to start over anyway, this advantage is removed. At that moment, MySpace only has the size of its network to count on.

    Enter Facebook. As its network continues to grow and begins to rival that of Myspace’s, a hacked profile can present to an angry MySpace user the opportunity to make the switch to Facebook. This could well prove to be MySpace’s greatest threat as it struggles to maintain its lead. Quite possibly, it is already a factor in Facebook’s growth.

    (I should note that among the general population here in Southern California, unlike in Silicon Valley, MySpace dominates over Facebook.)

    Myspace is like a mini-version of the Internet, with each profile page being analogous to an independent website, so it is not surprising that it is suffering from some of the same plagues. Facebook is thus far exempt from this analogy because its users don’t have as much control over the look and feel of their profile.

    Just like the browser opened up the Internet but also opened the door to security issues, the more open a social network is, the more it will also have to deal with malicious intent. This will provide growth opportunities for forward-thinking security firms like Exploit Prevention Labs.

  3. this is faintly outrageous – how did this guy “discover” this when some other company already covered it last week?

    http://www.pcworld.com/article/id,139137-c,hackers/article.html

    can i come along next week and lay claim to this too?

  4. Media Outrage Friday, November 9, 2007

    My question is this since i write for a celebrity news blog, who are the 3 top major Myspace music artist in front of Alicia Keys? I posted an article on this. http://mediaoutrage.com/2007/11/09/alicia-keys-myspace-page-gets-hacked/

    Thanks

  5. Alicia Keys Myspace Page Gets Hacked. « Media Outrage Friday, November 9, 2007

    [...] GigaOm is reporting that not only is Alicia Keys Myspace’s 4th most popular major musical artist but that she is also hack bait! What that means is that her Myspace page has continuously been hacked into. And visiting her page could make you susceptible to whatever kind of computer STD that her page obviously has. (Yall better stop programing without protection) Watch Video to see what we are talking about cause i dont know lol lol [...]

Comments have been disabled for this post