Hackers Infect Alicia Keys�s MySpace Page

Back to front page »

By Brad Stone

Tags: malware, MySpace

The MySpace page of singer Alicia Keys has become the latest vehicle for malware on the Web.

Researchers at the Atlanta, GA-based Exploit Prevention Labs have discovered multiple hacked MySpace pages, including the personal page of the R&B artist. Also hacked were pages for Greements of Fortune, a French funk band, and Dykeenies, a rock band from Glasgow.

When visitors click almost anywhere on these infected site, they are directed to co8vd.cn/s, which appears to be a Chinese malware site. The visitors then see a box on their screen telling them they need to install a special codec to view the video � a legitimate possibility on any site rich in media. But if the visitor clicks ‘yes’, the site installs software that appears to be a rootkit and DNS changer. This would allow the hackers to take over what you see on your browser and what you download onto your computer.

“They are going to catch a lot of people with this one,” said Roger Thompson, chief technology officer of Exploit Prevent Labs. “This is a a very rich media page, as are most MySpace pages. There is every expectation you are going to see a video… It’s not at all unreasonable to think you might have to install something.”

Click here for Mr. Thompson’s video demonstration of the attack.

Mr. Thompson said MySpace is suffering from the major drawback to any practical, open platform for the masses. “Security and functionality exist in an inverse relationship,” he said. “The more functional you make anything, the less secure it tends to become.”

There is no explanation yet for how hackers injected their code into these MySpace pages. A MySpace spokeswoman said she would look into the matter.

UPDATE: MySpace believes members whose pages were infected with malware opened phishing emails and inadvertently installed the attack on their pages. In a statemennt, the company says: “Individuals who try to phish our members are violating the law and are not welcome on MySpace. We have blocked and removed the source of this phishing attempt and restored the profile.”

will this affect Macs?

� Posted by Brad Nowell

R.I.P OpenSocial Oct 31, 2007-Sept 8, 2007.

Such promise gone so soon. I’ll miss you.

Ok I don’t really believe that it is the end. But if that is truly the cause for the hack then Myspace is doing some rethinking right about NOW.

From my experience there is no fool proof system. Myspace has put so many obstacles in the way of hackers it is funny. It is only a matter of time before Myspace starts asking users to solve algorithm in order to post a simple comment.

Myspace users do not panic. It was hack made possible due to user stupidity.

� Posted by coolrepublica

People use myspace? Whatever for?

� Posted by Daryl N

It isn’t clear from the report whether this particular exploit affects Macs. But I’d be careful anyway: the first reported malware exploit targeting Mac OS/X has been reported. Like the MySpace hack, it uses social engineering. It’s spread by porn sites that claim you need a special codec to view the video. Easy enough to avoid: don’t download the “codec”, or don’t visit porn sites. The significant thing is that this one targets OS/X.

In general, if a site tells you you need to download a special codec, and offers to send it to you, don’t do it.

� Posted by DMcCunney

wait, this is news? this was actually “discovered” on the 31st of october - here it is on PCWorld:

http://www.pcworld.com/article/id,139137-c,hackers/article.html

note its a different company who found it - these guys are basically rehashing what they already said.

� Posted by SubSeven

No, this doesn’t affect Macs, unless you’re dual booting to Windows. The download is a “setup.exe”, and requires a DOS shell within Windows to work.

� Posted by Carl Holmberg

Macs would be immune. An entirely different base operating system with an entirely different way of resolving domains, and so, this package, and most probably its delivery mechanism, are Windows specific.

There are currently no known remote exploits against Mac OS X in the wild, although there may be some known to Apple which are pending a fix, though with the release of OS X Leopard that seems highly unlikely. Apple finds and patches even remotely possible exploits as quickly as they can. Their reputation for excellence with OS X security relies on it.

Full Disclosure, I’ve been a Mac developer since the release of the OS, and also used Windows from 1995 to 2005. I also own Apple stock options.

IMHO : Apple is at this point about 10 years ahead in OS design, as Vista is nothing more than Win XP SP3 with a few third party utilities thrown in and some UI libraries extended. Not alot else going on there aside from some fancy facepaint, which when stripped away reveals good old NT3.5/4, the basis for every Microsoft consumer OS since WinME.

� Posted by Steve Evans

“will this affect Macs?” I seriously doubt it. There are no known mac rootkits or DNS changers. That is not to say that the site may not do something else to a mac….

� Posted by Bryan

I think it is time to shut off country’s that do not stop there hackers from the Internet. Country’s that do not seem to make a stab at stopping them and or using this to control. If we did this then places like China and some European States would not be able to do anything on the web and their people and company’s would make them fix the issue. Just my thoughts on the matter.

� Posted by R.M

My Myspace was resently hacked. My friend “Maria” whom I known for 12 years, posted a video comment on my site. The video didn’t play when I tried to view it. I e-mailed “Maria” and told her to repost the video, she replied back stating that she never posted a video. The next day all of my friends recieved a comment from me saying that I just got a $500 gift card from Macy’s by following the link posted. I of course didn’t post the comments. Most of my friends e-mailed me, telling me that I was hacked and to change my password, which I did.

The fact is Hackers happen. My attack came from a dear friend. It’s not just “User Stupidity” that allows hackers to get into your site. Something should be done to prevent this from happening. Yes, right no they’re reposting advertisements on user pages, but think of what they could do as time progresses.

� Posted by Amity

It never stops, does it?

� Posted by Treva

Does it affect Macs? Possibly. There’s a similar trojan horse reported that DOES attack Macs. See http://snipurl.com/1tdo0

Just don’t enter tour password if it asks for it.

� Posted by Harry

“It was hack made possible due to user stupidity.”

I’m puzzled–how are users to blame for security holes left by MySpace? Every time a bank is robbed, do you blame the customers for keeping their money there?

The fact is that any popular website is going to be the target of an attack. The more popular, the more likely. Rather than throwing around irresponsible assignments of blame, how about acknowledging that we’re going to have to choose the ratio of openness we want versus the risk that that very openness might have a price.

� Posted by Dan

Macs. . . .

This sounds a bit like the recent trojan horse to appear for macs. My guess is this won’t affect macs, but anytime some site tells you to install something you are not expecting t have to install, and you agree to install it (and on the mac actually type in your password), then you can be infected. By doing so, you’re giving the unknown code access to the guts of your system.

Luckily, viruses and other malware don’t affect macs, because they can’t self-replicate, but if you actively give something access to the guts of your system, you’re opening yourself up.

� Posted by Ark

Game sites are also a problem. For example, hackers routinely steal other players passwords and then use the points in the accounts to boost their own ratings. With the accounts the hackers also have access to the email, instant messenger and other personal information. The hosts of the sites don’t appear to be doing much about the problem as the hackers continue to stay at the sites.

� Posted by Michael

I’m not sure why they can’t figure out how it was hacked. My guess is that they figured out her password. It said multiple pages were hacked. Maybe they started with the list of the 50 most common passwords. Maybe they did some homework and tried the names of some of her closest friends and relatives. Once they have her password, hacking the page was like child’s play to a hacker.

� Posted by Alan

keep doin’ what you doin’ i luv ya girl

� Posted by Missaria

joined MySpace, since then 1-2 emails a day with the Mulitmillion Dollar Scam from every corner of Africa I believe they sell our email addresses or thier security is so poor it is a shopping center for computer criminals. Hackers… execute 1 member of thier family, first offence. Second offense remove thier hands, third offense thier eyes. Forth thier legs… Fifth thier tongue. Although they will be unable to function, they will always have the memory of the destruction, and millions of dollars in damage they have caused in addition to ruining peoples lives both emotionally and financially… They can still smile.

� Posted by observer

One element of difference that is often overlooked between MySpace and Facebook is that MySpace doesn’t have a secure login like Facebook (i.e. when you login your password isn’t sent over an encrypted connection, HTTPS). Her password was probably just taken and they logged in and did this. That was easy.

MySpace needs to grow up a little. Their code is junk, they let its users “express” themselves by making junky pages, and their systems run slow because of it. This attack is really no suprise.

Oh, and Mac guys, just because you have a Mac doesn’t make you invincible. It just makes you $600 poorer and 200% cooler than most PC users. (Note: I use a Mac.)

� Posted by George

I love how you present an article about an infected “rich-media” webpage and then ask visitors to your article to goto youtube for a video demonstration. It is this type of “click-it-forward” mentality that give those hackers such great exposure.

� Posted by Nick B

“Does it affect Macs? Possibly. There’s a similar trojan horse reported that DOES attack Macs.”

This is a rootkit hack + DNS. The recent Trojan horse on the Mac required the installation with admin privilages of a malware application. Sounds similar to this MySpace hack, but not really the same. So bottom line, unless you’re running Boot Camp, it won’t effect the Mac.

� Posted by tom

Your first mistake is visiting Alicia Key’s Myspace page.

2 years from now no one will know who she is. I’m guessing the only microphone she will be using is the one at Wendy’s. That skank better super-size my fries or I will be very, very angry.

“Hey Alicia, we need more lids for the frostys. And hurry up.”

� Posted by Corbin Bensen

Actually Amit, that does sound remarkably like user stupidity

� Posted by Headsup

When did the installation of a special CODEC re-emerge as a legitimate possibility for playing internet media files? There are plenty of excellent, standards-compliant CODECs built in to all operating systems. Custom CODECs are a vestige of yesteryear, and are now used primarily to install malware to PCs.

In short, if any site wants to install custom software for any reason, the right solution is to not perform the installation and move on - even if you really really want to see the video.

� Posted by Richard Lugato

Okay, we need better protection at the web 2.0 level. The hackers certainly are a leg up on us.

� Posted by David Greiman

lol @ 7 you are so right flash in the pan artist!

� Posted by lolercoaster

I would not recommend myspace to anyone. I had a band with 35,000 friends and was cancelled for no reason. I spent 18 months working on this all for some employee with admin privelages to cancel me for no reason and give no explanation.

� Posted by helen

Reading an article about a hack involving viewing a video and yet to see the hack we need to view a…..video?

� Posted by Green Cheetos

I’m surprise that Myspace is still up. Don’t matter what Myspace does, this is a case of cat chasing mouse. So if you are scared DON’T DOWNLOAD NOTHING!!!!. Or do what I did, delete your account and don’t worry about nothing.

� Posted by Angel

theres many website that offers million codes for myspace layout page.. these codes are input by myspace users themselves.. im assuming some of these hacking codes are coming from these websites.

� Posted by irwin

This goes to Amity,

Youre friend didnt hack your page. Someone hacked hers and it sent it to yours. You need to know how it works to prevent it.

� Posted by Themullet

I am immune to such attacks because if I am told that I need to install something I cancel the install and go directly to the manufacturer’s website and download and install the codec, or whatever. I just simply do not allow a 3rd party websites to install stuff on my machine. If I need flash I go to macromedia’s webite and get flash.

� Posted by Full Name

Myspace yay! A place where nobody becomes somebody!

� Posted by Myplace

Dan#13

The people responsible for maintaining Alicia Keys’s myspace page did something that allowed the code on there or they were duped into giving their password for myspace and the hackers put the code on there themselves. That is what I meant by user error.

I get email pretending to be from Myspace asking me to click on links to do something. That is how hackers get passwords. They are not hacking Myspace itself, if they were, there would be millions of pages affected not just a few. Unless I am expecting a link, I never click on links in my email.

Someone was asking if mac are affected. If the hackers were targeting mac users as well, they would be affected too. Recently hackers got mac users who visit adult sites to install a virus on their computers. With all the obstacles that Apple have put in place to stop hacks, users had to do several things to let the virus in, and they did every single one.

Hackers have discovered it is easier to let the user do the job for them than try to crack web sites.

I would also add that I am not immune to hacker tricks. A few days ago I got a virus which may have crashed my vista PC. My virus scan detected the virus, which I unknowingly downloaded, by saving a picture I got on Google image on my desktop.

So I know a bit about user error.

� Posted by coolrepublica

Alicia’s Myspace page was hacked? Oh no! She’s only the 457,329th person that’s happened to!

� Posted by Max

to the first poster, of course this will affect Macs — they are probably the most vulnerable. Whenever a webpage wants to install a codec, first looked it up in Wikipedia. Decide if you’re going to need the codec on a regular basis. Then find a reputable site to download it. Ideally, it should come in a codec pack that you can uninstall from control panel. Everyone should be aware that websites that offer to install codec packs are notorious for also installing malware also. This is annoying and sounds of a Catch-22, but it is doable. I was just joking about the Macs. We all know that they are flawless, invulnerable, and represent the peak of mankind’s technical prowess.

PS I just saw the commentor above the recommended installing from the manufacturers page. Yes, this is, indeed, the best way to do it if it works.

� Posted by Gene P.Girard

This is an old trick, make the entire profile a link to a malware or phishing site. Hopefully MySpace will take the prominence of this, and restrict what type of code people can place on their pages.

� Posted by Joshua

Comments are moderated and generally will be posted if they are on-topic and not abusive. For more information, please see our Comments FAQ.

All NYTimes.com Blogs »

Hackers and Steve Jobs battle over control of the shiny toy.

Jerry Yang tries to bring order to the portal he started

Its all about the network for Randy Falco

A site lets you cruise shop for jewelry by webcam

Nanotechnology is building potentially useful new particles, but how to deal with the potential dangers.

Barry Diller’s Bill Gates Imitation

IAC has just introduced 236.com, a fake news site. Seen that idea before? So did Barry Diller, who, like Microsoft, is trying to profit from the ideas of others.

E-Mail Scammers Ask Your Friends for Money

In the latest Nigerian e-mail scam, the crooks are taking a page from Facebook and leveraging the power of social connections.

Hackers Infect Alicia Keys’s MySpace Page

Hackers have infiltrated the MySpace page of R&B singer Alicia Keys and set a dangerous trap for her fans.

Are Facebook’s Social Ads Illegal?

A 100-year-old law in New York State bans the use of a person’s name and likeness for advertising purposes without permission. That may be what Facebook’s new Social Ads system does.

Bring This to the Next Meeting

How much money is wasted during meetings? This calculator could track it.

Bits offers news and analysis on the technology industry throughout the day with posts about the inventors and dealmakers trying to master and profit from the digital age. We cover start-ups, giant enterprises, government policies and the way technology is used around the world.

Tell us what you like, dont like and want to read more about.

Send us e-mail with your comments

For news tips and press announcements, please use the e-mail links on the blog home page to reach our writers and editors. Companies Amazon Apple eBay Facebook Google Microsoft MySpace Yahoo Topics Consumer Electronics Hardware Innovations and Ideas Internet Music and Video Nanotechnology Online Marketing People Policy and Law Silicon Valley Software Technology and Society Telecommunications Venture Capital and Finance   Home World U.S. N.Y. / Region Business Technology Science Health Sports Opinion Arts Style Travel Jobs Real Estate Autos Back to Top Copyright 2007 The New York Times Company Privacy Policy Search Corrections RSS Help Contact Us Work for Us Site Map var gtrackevents=false; var gdcsid="dcs591klg00000c97pblfraeo_7p3p"; var gfpcdom=".nytimes.com"; var gdomain="wt.o.nytimes.com";

Tag Cloud

External Information

Additional Information

Where Am I?