We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,145 News Articles

MySpace band profiles targeted by hackers

Warning over social-networking security risk

Several band profiles on MySpace have been hacked to serve up some nasty tricks, according to security vendor FaceTime Communications.

The bands' MySpace pages have a transparent overlay that, when clicked, either links to a website that tries to start downloading malware disguised as a media codec or attempts to exploit a browser security flaw, said Chris Boyd, security research manager with FaceTime.

When a cursor passes over part of the overlay, the IP (Internet Protocol) address for a web server in China is shown in some browsers. However, the fake media codec site is hosted in Russia, Boyd said. He posted screenshots of the problem on his blog.

At some point, the log-in details for the bands' pages must have been obtained, likely through a phishing attack, Boyd said.

"So far, I think we've seen around seven or eight music bands hacked - not a huge number as it seems to be pretty fresh," Boyd said.

But if the hackers have the bands' log-in details, they can send bulletins to users who have joined the site as friends. Those bulletins are used to attract more people into visiting the infected pages and potentially downloading the malware. That could ramp up infection levels, Boyd said.

"It's a great hook for a malware writer to tap into," Boyd said.

MySpace officials could not immediately be reached for comment. Boyd said the company has been notified by FaceTime via email.


IDG UK Sites

OnePlus Two release date rumours: Something's happening on 22 July

IDG UK Sites

13in MacBook Air review, Apple's MacBook Air 2014 reviewed

IDG UK Sites

5 reasons to buy an electric car and 5 reasons not to

IDG UK Sites

Evernote Skitch: the best way for creatives to doodle feedback