Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

MySpace Accounts Compromised By Phishers 86

Posted by kdawson from the even-the-wary-beware dept.
An anonymous reader writes, "Netcraft has discovered that the social networking site MySpace appears to have been compromised by phishers who have presented a spoof login form on the main site. This modified login form submits the victim's username and password to a remote server hosted in France." From the article: "The hackers have engineered a fake login form on MySpace's own web site. Netcraft has notified MySpace of the issue, although it currently remains live. Because the fraudulent login page is hosted on MySpace's own servers and does not exhibit any signs of external content, such as cross-site scripting or open redirects, it is convincing and even security-conscious users are at risk of becoming victims. The attack is launched from a profile page, where the username is login_home_index_html, and uses specially-crafted HTML in order to hide the genuine MySpace content from the page and instead display its own login form." This Washington Post story from a few months back explains what's in it for the phishers.
This discussion has been archived. No new comments can be posted.

MySpace Accounts Compromised By Phishers More

MySpace Accounts Compromised By Phishers

Comments Filter:

  • Maybe I caused the slow discovery (Score:3, Interesting)

    by AVryhof ( 142320 ) <amos @ v r y h o f r e s earch.com> on Sunday October 29, 2006 @03:02PM (#16634080) Homepage
    Maybe it's been my fault it's taken so long to "discover"

    I've been seeing 'em now and then and contacting the hosts where the scripts are hosted to get their accounts disabled.

    I'm not worried about being phished myself... I'm quite perceptive...but it's people I know who I'm worried about.

  • You can view the horrible phishing status for free (Score:4, Interesting)

    by Anonymous Coward on Sunday October 29, 2006 @03:13PM (#16634170)
    OpenDNS people started http://phishtank.com/ [phishtank.com] service which is completely community based, as you can actually see the phishes and verify them, I have seen some amazing stuff around. Compromised servers having SSL certificate which are abused in phishing operation, some pages having fake addressbar on top and most important of all, USA based banks are being phished from USA cable modem subscriber (haxored) and nothing done against it for days.

    BTW as it is free to use, SURBL added it, now the stuff which you verify actually helps to people using that free list.

  • Re:Phishing + SSL (Score:3, Interesting)

    by LO0G ( 606364 ) on Monday October 30, 2006 @02:05AM (#16638965)
    I'm confused. Here's the domain registration for wamucards.com:
    Registrant:
            Washington Mutual, Inc. (DOM-1398425)
            1201 3rd Ave Seattle WA 98101 US

            Domain Name: wamucards.com

            Registrar Name: Markmonitor.com
            Registrar Whois: whois.markmonitor.com
            Registrar Homepage: http://www.markmonitor.com/ [markmonitor.com]

            Administrative Contact:
            Administrative Contact (NIC-14324742) iFolio, Inc.
            1201 3rd Ave, 40th Floor Seattle WA 98101 US
            domains@ifolioinc.com +1.2063596677 Fax- -
            Technical Contact, Zone Contact:
            Technical Contact (NIC-14324922) iFolio, Inc.
            1201 3rd Ave, 40th Floor Seattle WA 98101 US
            domains@ifolioinc.com +1.2063596677 Fax- -

            Created on..............: 2005-Aug-01.
            Expires on..............: 2007-Aug-01.
            Record last updated on..: 2006-May-17 11:10:55.

            Domain servers in listed order:

            MIA01.DIGEX.COM
            MIA02.DIGEX.COM

    Why do you believe it's a phishing site or otherwise fraudulent?

Slashdot Top Deals

I've noticed several design suggestions in your code.

Close