MySpace… The Social Network For Extortion Scammers
from the how-many-make-a-trend? dept
There’s just something about MySpace that seems to bring out the criminal element in some people. Way back before MySpace was even that well known, someone was arrested for trying to blackmail MySpace into giving him a job, or he would reveal to everyone on MySpace how to spam everyone else at MySpace. That guy ended up going to jail, but apparently some of the other kids out there didn’t quite get the message. Two teenagers apparently broke into the MySpace back end and stole some personal info of users. When MySpace realized this and kicked them out, they threatened to reveal how they hacked into MySpace… unless MySpace paid them $150,000. Of course, that’s called extortion, which is exactly the charge the two kids will be facing in court following their arrest last week. Of course, it’s this kind of case that makes life so difficult for legitimate security researchers who are trying to help by finding vulnerabilities. Too many of the people poking around really do have malicious intent.
Comments on “MySpace… The Social Network For Extortion Scammers”
It was just a matter of time. Ever since Myspace was out i was just waiting for this to happen.
i’ve emailed a few vulnerabilities to myspace and they don’t ever respond :-/ I ended up finding one of the developers myspace pages and emailing them directly and they finally got fixed.
Vulnerabilities
XSS Scripting. MmmMmmmm cookies.
In terms of reporting vulnerabilities the second poster did it right. I think there is a difference between finding a problem and reporting it to the owner and finding a problem and running to the media.
If its reported to the site or owner and they do nothing, then contacting the media or issuing a press release is fine, but doing so without contacting the owner is just wrong.
there will always be these sorts of problems. teenagers and boredom are a bad combo.
MySpace . . . .
I’ve got myspace just because friends asked me to get it – I’m still a freshman in high school and I’ve noticed that my grades have gotten worse ever since I’ve been with mypsace – hmmmm.
Re: MySpace . . . .
Dont blame your bad grade on Myspace…..Study more
Re: MySpace . . . .
Maybe your getting dumber as you get older.
Re: MySpace . . . .
You cant blame a website for your bad grades, its your choice to be on the site in the first place, and noone can make you do it. There are always going to be people who misuse Myspace. People especially teenagers are bored.
Again..........
Last I heard MySpace had nearly 80 million users.
With that sort of population you have to expect that there is going to be criminals JUST LIKE ANY OTHER community, be it virtual or real.
This hysterical fear mongering over ever little god damned thing that happens online is going to cripple us unless we get a little perspective and act like adults instead of cringing, stupid children.
I am sad to see Tech Dirt contributing to the tabloid coverage of Teh Evil Intarwebs.
Re: Again..........
While driving into work the other day I heard an advertisement for a local news station promoting a story… Tune in at 8 to find out what in your house could kill you in 8 seconds….”Fear mongering” gets your attention and thats what news reporters want .. get use to it.
Re: Again..........
80 million users is a bit much. You have to consider how many “celebrity” profiles, fake profiles, and role-playing profiles are on there.
Yes, role-playing profiles…some of the most viewed blogs on there are “parties” held by members of myspace with names of Harry Potter characters…it’s quite strange.
I think that if you actually took a look at how many “real” users there are – the number would be close to/if not more than half…
boohoo
“Of course, it’s this kind of case that makes life so difficult for legitimate security researchers who are trying to help by finding vulnerabilities. Too many of the people poking around really do have malicious intent. ”
People with malicious intent are the ENTIRE reason that security researchers exist. Don’t cry to me about how it is making life so hard for them.
News reports get exaggerated
Heh, lots of opinionated readers, looks like we could see a flame war today, gotta love it 😉 I am surprised bad parenting or video games were not blamed for this, blame the kids who did it. I just gotta say, I am an admin/owner of a mud, which is a MMORPG of sorts, just a text based multi-user game. We have players who do nothing but find and exploit bugs. We find and banish the exploiters. I have had my server taken down by DOS attacks, been threatened with real life violence, and even been threatened with this kind of thing. Know what? In the end I am still there and they are gone, the mud is up and running and nothing has really changed. My point, I guess, is these kind of people always get caught or go away quietly when someone calls em on their threats and in the end, with a bit of time, all the damage they might do can be fixed. The media blows things way out proportion, including bloggers who circulate rumor. People just need to take a bit of responsibility for their actions. Me first.
MySpace pages are bad
MySpace pages are bad. I have a few friends who I’ve helped try and fix problems in their profiles (knowing CSS/XHTML I can at least try one last ditch effort to piece together the toilet code they employ).
You can use as much JS as you want. You can link to external anything. Meaning you can embed all sorts of nasty files.
This is almost as bad eBay, where they allow JS in the pages. That’s not cool, because I’ve seen numerous listings that REDIRECT to phishing pages that ask for you to “login” before viewing the listing.
I stopped using eBay after I discovered this and found that even though they know about it, they don’t fix it. They need to remove everything but simple xhtml and css. Then they need require that people host any and all images (the only other allowed external resource than CSS) with them.
If you can’t sell a product with regular CSS/XHTML then you don’t deserve my $$$.
all i know is that the average age of the women i date has continued to drop since i started using myspace. money, a nice apartment, and a car is catnip to an eighteen-year-old. well, it’s catnip to a 40-year-old soccer mom too, but who the hell cares…
Forget My Space What's the thing in your house
that can kill you in 8 seconds???????? I wanna know. I’m hooked in.