Myspace Hack Spreading

Interesting Myspace Story:

Well, well. Somebody has managed to hack Myspace.com with a flash based redirect that exploits what is apparently a gaping wide hole in the Myspace code. If you are signed into Myspace, and you go to a friends page, and then find yourself redirected to a blog post containing a diatribe about how the United States government is behind the 9/11 attacks, then your account has been hacked, and everyone who visits your page will be infected!! Yes, it’s true, at least for now – everybody who visits an infected profile while signed into their Myspace account will have their page hijacked!

Update: Explanation of how the Hack works.

Both comments and pings are currently closed.

2 Responses to “Myspace Hack Spreading”

  1. scottj says:

    That’s quite a thorough hack!

  2. guinchoguy says:

    I have a really bad feeling that this may be my fault :(

    A discussion a little while back on a well known black hat forum was talking about some myspace hacks. I made the suggestion of using the get url system in a flash movie to exploit a redirect script and other code via actionscript and indeed javascript from an inserted page etc.

    The possibilities were endless. now I am a little worried that it may have gone too far. :(

    who am I kidding, this is great :) lol

    GuinchoGuy.com
    A previous Flash Kit award winner :)