Sunday, October 29, 2006

myspace hacked?


Netcraft has discovered that the social networking site, MySpace, appears
to have been compromised by phishers who have presented a spoof login form
on the main site. This modified login form is designed to submit the
victim's username and password to a remote server hosted in France.

Netcraft has notified MySpace of the issue, although it currently remains
live. Because the fraudulent login page is hosted on MySpace's own servers
and does not exhibit any signs of external content, such as cross-site
scripting (XSS) or open redirects, it is convincing and even
security-conscious users are at risk of becoming victims.

No comments: