funsec mailing list archives

MySpace Accounts Compromised by Phishers


From: "Fergie" <fergdawg () netzero net>
Date: Fri, 27 Oct 2006 16:32:07 GMT

Via Netcraft.

[snip]

Netcraft has discovered that the social networking site, MySpace,
appears to have been compromised by phishers who have presented a spoof
login form on the main site. This modified login form is designed to
submit the victim's username and password to a remote server hosted in
France.

The hackers have engineered a fake login form on MySpace's own web site.

Netcraft has notified MySpace of the issue, although it currently
remains live. Because the fraudulent login page is hosted on MySpace's
own servers and does not exhibit any signs of external content, such as
cross-site scripting (XSS) or open redirects, it is convincing and even
security-conscious users are at risk of becoming victims. The attack is
launched from a profile page, where the username is
login_home_index_html, and uses specially-crafted HTML in order to hide
the genuine MySpace content from the page and instead display its own
login form.

The modified login form, hosted on myspace.com. Login details are
harvested by a remote server, hosted in France.

[snip]

More:
http://news.netcraft.com/archives/2006/10/27/myspace_accounts_compromised_by_phishers.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

