We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,785 News Articles

Concern over widespread MySpace malware

Alicia Keys' site not the only target for hackers

The widely reported problems with pop singer Alicia Keys' MySpace profile have been cropping up on the social-networking site for the past 10 days and are likely to continue, a security expert said on Friday.

Chris Boyd, a researcher at FaceTime Communications, blogged about the problem on October 31 and has tracked a number of musicians' MySpace profiles that have been compromised since then.

As with the Alicia Keys hack, which was discovered last week by Exploit Prevention Labs, these pages try to install malicious software on the victim's PC. If the victim's software is not fully patched, this can happen silently, but if that fails, the sites will tell the victim that he needs to install a video codec. That file is actually malware, researchers say.

In all cases, hackers used the same background, the same web code and the same malicious payload. "It's the exact same hijack," Boyd said.

But one difference has been the amount of pain experienced by the bands after they were hacked. While the Alicia Keys site was repaired and up and running on Thursday - the same day that the problem was publicly reported - smaller bands that have fallen victim to the hackers have had to restart their MySpace profiles from scratch.

Vaughn Atkinson, guitarist with the band JetKing, said he spent a few days trying to get MySpace administrators to restore his band's page from backup, without success. "It's messed with a lot of our networking with promoters and venues," he said. "It's important to a band's credibility ... if you have all that data wiped out, you are kind of back to square one in the eyes of people."

Nobody knows exactly how the MySpace pages were compromised. MySpace representatives suggested that victims may have accidentally handed over credentials after falling victim to phishing emails.

Exploit Prevention Labs’ chief technology officer Roger Thompson believes phishing may be the cause of the compromise, but Boyd said that there may be an underlying bug in the MySpace site design. "They may be able to remove the code, but there's no indication from MySpace that the flaw allowing the hackers to hijack the pages has been fixed," Boyd said.

MySpace offers users an incredibly rich level of customisation on their profile sites, but those capabilities can sometimes be misused by attackers, security experts say. That's what happened in 2005 when Samy Kamkar discovered how to sneak JavaScript code onto his MySpace profile, creating the social network's first-ever worm.

The fact that Keys' site was up and running so quickly is going to "create a lot of bad feelings" from bands such as JetKing that have been unable to restore their profiles, Boyd said.

Vaughn said he and other musicians were unhappy that MySpace had been unable to restore their profiles. "Everyone's resigned themselves to the fact that MySpace has done absolutely nothing," he said. "I'm sure if we were a big band like Coldplay or Michael Jackson, they'd have done it in five minutes."


IDG UK Sites

Android One vs Android Silver vs Google Nexus: What is the difference?

IDG UK Sites

Apple updates MacBook Pro line-up: Price cuts & spec boosts for 6 MacBook Pro models

IDG UK Sites

Long live the internet fridge: the Internet of Things is coming

IDG UK Sites

How Prometheus' colourist Juan Ignacio Cabrera gave a tense, edgy feel to Chosen