Roger Thompson at Exploit Prevention Labs has discovered multiple hacked MySpace pages, including the page of Alicia Keys, MySpace’s #4 most popular major music artist. Other bands hit include Greements of Fortune (a French funk band) and Dykeenies (a rock band from Glasgow).
Roger noted that “attacks on MySpace seem to be on the rise.” He says that the current hack, affecting Alicia Keys’ MySpace page and others, is an image-background link which, when clicked, entices users to install a fake codec – which then infects the user’s computer. He calls it a “FakeCodec trick” and here’s how it works: if a user clicks on a MySpace page and slightly misses a control or link on that page, they have clicked the image-bg link and are then taken instead to the exploit site. Roger explains more in this video:
To summarize, when a user visits the infected page, they’re first hit by an exploit (which installs malware in the background if they’re not fully patched against the latest security vulnerabilities), and next they’re presented with a Fake Codec prompt which tells them they need to install a codec to view a video. So even if they’re patched, they can still fall victim to the attack by installing the fake codec.
Roger said via an email that “it’s MySpace that has been hacked, as opposed to the bad guys getting the usernames and passwords of a few bands”.
Roger said on his blog that because MySpace is media-rich, with lots of sound and video, the FakeCodec trick will be much more effective. A user clicking on the page expects to see a video or hear a song, so the hack can make them think they need to install something extra.
Let us know in the comments if you’ve heard of other MySpace hacks recently – or Facebook hacks for that matter.