Alicia Keys' MySpace Page Hacked


Roger Thompson of Exploit Prevention Labs has discovered multiple hacked MySpace pages – most prominently MySpace’s #4 most popular major music artist Alicia Keys.

The way the hack works is that when you visit the infected page, you are hit by an exploit (which installs malware) and next they’re presented with a Fake Codec which tells them they need to install a codec to view the video. So even if they’re patched, they can fall victim to the exploit. The HTML in the page contains some kind of an image map, and if you can click on anything over a wide area on the page and your click is directed to the malicious hyperlink.



Not surprising, but still shocking.

I have noticed a trend in my area of MySpace users having to “start over” by creating a new account, since their old ones were tainted by hackers, and there was nothing MySpace could do to fix it.

These users returned despite suffering a major inconvenience. No doubt Myspace enjoys a lock-in effect due to the size of its network.

But they better not take the situation for granted. Here’s why:

The other component to Myspace’s lock-in effect is the time and effort users put into their profiles, as well as the information stored in their accounts. As soon as users are forced to start over anyway, this advantage is removed. At that moment, MySpace only has the size of its network to count on.

Enter Facebook. As its network continues to grow and begins to rival that of Myspace’s, a hacked profile can present to an angry MySpace user the opportunity to make the switch to Facebook. This could well prove to be MySpace’s greatest threat as it struggles to maintain its lead. Quite possibly, it is already a factor in Facebook’s growth.

(I should note that among the general population here in Southern California, unlike in Silicon Valley, MySpace dominates over Facebook.)

Myspace is like a mini-version of the Internet, with each profile page being analogous to an independent website, so it is not surprising that it is suffering from some of the same plagues. Facebook is thus far exempt from this analogy because its users don’t have as much control over the look and feel of their profile.

Just like the browser opened up the Internet but also opened the door to security issues, the more open a social network is, the more it will also have to deal with malicious intent. This will provide growth opportunities for forward-thinking security firms like Exploit Prevention Labs.


Myspace has to sort this out quickly. If world spread that their sites were not save some major artists could move away which would result in a major traffic drop.

Comments are closed.