MySpace problems began days before Alicia Keys hack

The problems that plagued Alicia Keys' MySpace profile have been around for more than a week, affecting other musical acts.

The widely reported problems with pop singer Alicia Keys' MySpace profile have been cropping up on the social networking site for the past ten days and are likely to continue, a security expert said Friday.

Chris Boyd, a researcher at FaceTime Communications, blogged about the problem on October 31 and has tracked a number of musicians' MySpace profiles that have been compromised since then.

As with the Alicia Keys hack, which was discovered Thursday by Exploit Prevention Labs, these pages try to install malicious software on the victim's PC. If the victim's software is not fully patched, this can happen silently, but if that fails, the sites will tell the victim that he needs to install a video codec. That file is actually malware, researchers say.

In all cases, hackers used the same background, the same Web code and the same malicious payload. "It's the exact same hijack," Boyd said via instant message.

But one difference has been the amount of pain experienced by the bands after they were hacked. While the Alicia Keys site was repaired and up and running on Thursday -- the same day that the problem was publicly reported -- smaller bands that have fallen victim to the hackers have had to restart their MySpace profiles from scratch.

Vaughn Atkinson, guitarist with the band JetKing, said he spent a few days trying to get MySpace administrators to restore his band's page from backup, without success. "It's messed with a lot of our networking with promoters and venues," he said in an interview. "It's important to a band's credibility ... if you have all that data wiped out, you are kind of back to square one in the eyes of people."

Nobody knows exactly how the MySpace pages were compromised. MySpace representatives suggested that victims may have accidentally handed over credentials after falling victim to phishing e-mails.

Exploit Prevention Labs Chief Technology Officer Roger Thompson believes phishing may be the cause of the compromise, but Boyd said that there may be an underlying bug in the MySpace site design. "They may be able to remove the code, but there's no indication from MySpace that the flaw allowing the hackers to hijack the pages has been fixed," Boyd said.

MySpace offers users an incredibly rich level of customization on their profile sites, but those capabilities can sometimes be misused by attackers, security experts say. That's what happened in 2005 when Samy Kamkar discovered how to sneak JavaScript code onto his MySpace profile, creating the social network's first-ever worm.

The fact that Keys' site was up and running so quickly is going to "create a lot of bad feelings" from bands such as JetKing that have been unable to restore their profiles, Boyd said.

Vaughn said he and other musicians were unhappy that MySpace had been unable to restore their profiles. "Everyone's resigned themselves to the fact that MySpace has done absolutely nothing," he said. "I'm sure if we were a big band like Coldplay or Michael Jackson, they'd have done it in five minutes."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?