Friday, November 9, 2007

Myspace Does Little to Stop Band Page Hacks

For the past couple of weeks, Myspace has been filled with hacked band profile pages. Just today, PC World is reporting that the myspace page of Alicia Keys is serving up malicious code.

Paperghost over at VitalSecurity.org has been trying to get the word out on this for quite some time.

Just this morning PG posted this bulletin to all his Myspace friends...

----------------------------------------------

hi everyone,

I realise I appear to be some random dude on your Myspace list, but please hear me out. I'm Chris Boyd, better known as Paperghost:

http://en.wikipedia.org/wiki/Paperghost

And I hunt down hackers and get them shut down for a living, which extends to getting them kicked off of Myspace wherever possible.

I've recently discovered a group of hackers are targeting nothing but band profiles, and doing all sorts of nasty things with them. the press picked this up after I wrote about it, and a number of bands (including JetKing and a few others) have also tried to get something done about this after having their own pages hacked, sometimes more than once.

However.

The response from Myspace has been less than impressive on this, and we need to be seen to make some noise before they'll do anything about it. If you have a popular page, think about the damage to your rep if your profile starts redirecting all those hundreds of people visiting you to Adware hijacks and various other bits of crud.

There is no exaggeration here - this is an example of band profiles that have recently been hacked, some of whom have been hacked multiple times (you can quite easily find more via a few Myspace searches).

How can you help?

Simply by making people aware, by posting a bulletin about the problem (or reposting this, or something else altogether), by contacting Myspace to demand that they do something about the problem, and anything else you can think of.

*HOW DO I KNOW IF MY PAGE HAS BEEN HACKED?*

If you have, most of your page will have a huge (invisible) background image that sits in front of your page and (when clicked) sends people here:

co8vd.cn

You will see this domain appear in the bottom left hand corner of your screen when you hover your mouse over it. If this is happening on your page, you need to

1) GUT YOUR PAGE AND START OVER AGAIN and
2) CHANGE YOUR LOGIN DETAILS BEFORE THEY LOCK YOU OUT OF YOUR PAGE.

If you want to contact me because your page has been hacked already, or you want to know more about the problem, feel free to send me a message.

Thanks,
Chris
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)