Slashdot Mirror
Teens Arrested in MySpace Extortion Scam
An anonymous reader writes "Two New York teens have been arrested after trying to extort $150,000 from the makers of MySpace, the popular online community site." From the article: " MySpace discovered the intrusion earlier this year and blocked it. The Los Angeles-based company also reported the incident to authorities. During the course of the investigation, threats were made that unless $150,000 was paid, new exploit code would be released, according to the statement. By this time, the sting operation had been set up, so instead of meeting with MySpace late last week, the pair from New York met with undercover officers from the U.S. Secret Service and the Los Angeles District Attorney's Bureau of Investigation. "
Go directly to jail. Do not pass Go. Do not collect $150,000.
So, two kids hacked MySpace, and threatened further damage unless they were given $150,000, but cry "foul" when lured into a job offer/interview for the purpose of arresting them.
I'm not sure, but I'm willing to bet extortion dollars thay MySpace would not bother luring people into their space if no extortion were there in the first place.
It's pretty amazing how criminals (alleged) cry about violated rights when apprehended. Yeah, there are constitutional procedures to guide law enforcement and judicial, thank goodness for that.
I don't see, assuming these are the kids who did hack MySpace, any impropriety nor violation of their "space".
--Rob
Towards the Singularity.
Yeah, because only American kids think they can get away with anything and are selfish.
Thats just plain stupid.
If I were them I wouldn't be worried about the press publishing my name in connection with extortion, I'd be more embarassed about people finding out I was involved with MySpace.
Don't mess with Tom!!!! Luckily he is my friendslist, so he is my friend right?
Sad thing is I can think of about 3 ways right now to bring myspace down at least from a users standpoint. The openess of css usage they allow, plus there is a great little expliot making the rounds after you clicked on an outsidelink it takes some actions on your account to propagate itself. You could make a nice cascading corrupted CSS plague, forcing all user pages to crash any browser.
---In a time of Chimpanzees I was a Monkey.
Come on now, a job interview? Don't they know the way a transaction like this goes down is on the docks at night (when its foggy of course). The guy drops the money off in a breifcase, then you zoom by on a motorcycle with a hot chick on the back who picks it up as you fly by at 80mph in black leather jumpsuits.... ...oh I see where the plan fell through, being old enough to reach the shifter on the motorcycle, and knowing a hot chick.
I was wondering if Slashdot would ever cover this.
These kids were associated with a site that charged for code that you can add to your MySpace profile which would allow you to see who had viewed your profile, when, and where they got to you from (another friend, search, etc). By my calculations they were making upwards of $20,000/month from their service ($5.00/mo with around 4000 users).
They, and other tracker sites, have been constantly battling with MySpace over the use of the "hacks". Most of the stuff they've used has simply taken advantage of bad programming. The first generation of trackers used a flash file in the profile to read users cookie data. Then MySpace forced all embedded flash objects to disallow the use of actionscript. They moved on to inserting javascript in CSS commands, using image files to capture browser info, etc. MySpace responded by blocking the use of certain domains within profiles. They then bought a bunch of different domains and assigned them randomly to users.
Then there was some random legal trouble that they never really talked about but had apparently moved past. The next planned release was supposed to be "unstoppable". They had promised the release for about a week and a half and it was eventually pushed back to May 19. Then they got arrested. The site, myspaceplus.com, switched over to a basic notice about "info coming soon" and that was it. There was a pretty active forum on there but I think people were starting to sense that there was trouble and/or the two owners (who went by Jack and Jake on the site) were skipping town.
Anyway, it's a really interesting phenomenon, especially considering that other services have built in the ability to see who's viewing you as long as you allow others to do the same when you view their profile (Friendster). Most of the tracker sites now are on a similar model where the tracker will only work with other users ot the service.
So, not really "hacking" per se. It seems that MySpace was most worried about people's IP addresses getting stolen. The sites started hashing them so you couldn't see the actual address. Seems like a weird thing to be worried about on the privacy front if you ask me.
The abouve comment is a joke...laugh...
lol some more..
$150,000? This is 2006; MySpace probably spends that much money on office coffee every year.
Flew out to LA? I couldn't find any details on this, but I'm willing to bet that the two kiddies were given free airline tickets to fly out to LA.
MySpace? It's not much of a challenge breaking that site, right? Seems like there's a new exploit discovered every month. I hope the media doesn't portray them as l33t "hackers".
Straight "A" students? This is a funny comment left on the ZDNET site..
Not hoodlums
Thier not hoodlums genius, i live like 20 minutes away from them. thier both straight a students with alot of computer expertise but were using thier skills in the wrong way and tried to make some illegal money off of myspace. Some people need to drop the "everyone from new york is a gangster" stereotype just like they tell us to drop the "anyone not from ny is a redneck" stereotype.
Posted by: gtapro91 Posted on: 05/27/06
And? Blogging lowers my stress levels. I get to talk about how shitty my day was and a few people close to me may read it and then we'll have a dialog. If not, i put it somewhere and i can let it go. Not just teens blog. I'm in my late 20s. My mother has a blog too.
Frankly i have less of a problem with blogging than the governments privacy violations with the telephone network. I choose to blog, I didn't choose to let them listen to my calls or view the list of people I called.
Blogging isn't a breakdown in society, its just a new way to communicate information to people you know. (and don't know)
MidnightBSD: The BSD for Everyone
Ah, young love. Brings a tear to your eye doesn't it.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
In the end, services like MySpace is one of the signs of the decline of society as a whole.
Look at it, people no longer care about privacy as they are publishing every single aspect of their daily lives for everyone to read about, including things like "My boyfriend dumped me today! I wanna die!"
Since when is a society on the decline when people can express themselves freely without any serious repercussions? The only use for privacy is protection against intolerant people, so societies where people voluntarily do not make use of it are probably very tolerant of individuals. I might have missed a few developments, but I always thought that kind of freedom is one of the things we consider to be a fundamental values of ours?
Coincidence? ;-)
"Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
Not to sound like a jerk, but you're dead wrong. "American kids thinking that they can get away with anything, interested solely in themselves, and getting something for nothing." If you said "almost everyone" instead of "American kids", I would have agreed with you, but I have problems with both the "American" and the "kid" parts.
e licopter_fireworks (a woman shoots fireworks at a police helicopter because it was annoying her by being there -- now she's charged with a felony),t _strangle_dc (a defendant on trial for murder tries to strangle his own lawyer IN THE COURTROOM),
n der/2100-7348_3-6002302.html?tag=html.alert (A German child pornographer turns himself in after getting an e-mail virus telling him he was under investigation.
e ws.quirkies.strangecrime (Austrian kids steal a bunch of stuff so they can afford after-school prostitutes).
First off, the easy one -- kids. Kids are NOT the only people who try to get away with anything, are interested solely in themselves, or try to get something for nothing -- here are a couple good ones:
news.yahoo.com/s/ap/20060527/ap_on_fe_st/h
news.yahoo.com/s/nm/20060525/od_nm/cour
www.dumbcriminals.com/drugs/dil-doh/ (a couple steals sex toys and enhancement pills repeatedly from an adult store, they end up being caught on one of their many return trips and when they are caught, the "goods" are in a bag NEXT TO THEIR 3 YEAR OLD DAUGHTER),
and last but not least - EVERY drunk driver EVER.
Now for the "American" part. Stupidity is not a trait restricted to Americans -- PEOPLE ALL OVER THE WORLD ARE IDIOTS:
news.com.com/Worm+traps+alleged+child+porn+offe
And finally, to prove that not just American kids commit crimes -- www.ananova.com/news/story/sm_1772630.html?menu=n
I think I've made my point. Sorry, I just get a little riled up when people make broad generalizations with negative connotations.
A computer once beat me at chess, but it was no match for me at kick boxing.
Welcome to MyJailSpace.com!
Are you kidding me? There is a reason that Fox bought myspace - strictly for it's "data" as you put it. Myspace is a site where one of the most profitable(not to mention fickle) demographic in the world voluntarily offer up their likes/dislikes etc to a company in great detail that is easily searched, cross referenced, and advertised to. It is possibly the biggest advertising goldmine I've ever imagined.
It's always baffled me how so many people could miss what is so big and profitable about Myspace. Even if the site itself never made money (which I doubt, as they advertise heavily and widely) - the data they collect is worth millions upon millions of dollars.
Look at it, people no longer care about privacy as they are publishing every single aspect of their daily lives for everyone to read about, including things like "My boyfriend dumped me today! I wanna die!"
If they choose to, what harm is there to that? I mean, there are people starting wtih JennaCam and ending at BigBrother who'd like to be in front of a cam 24/7. Great for them. If they want to keep a public diary (read: blog), go ahead. For the most part I consider it a good thing that people aren't that insanely stuck up with their facade (dunno if that's the right english word) and that they live life with their ups and downs, just like everyone else.
What's important is that things can also be private when you choose to. That you don't feel on display, that people can grope into your private life when you don't want to. If you're a creepy stalker, a marketdroid or the frigging government, I don't like people profiling me, analyzing me, collaborating data. Chances are you'll be able to read out of it more than I want you to. It's well known from intelligence work that a collection of seemingly innocent unclassified information put together can reveal things that are (and should be) classified. Same goes for a personal life.
Even if there's a "breach" of privacy and things are already public, either because you were bloody drunk, your friends decided it'd be fun to surprise you or use a hidden cam, your ex was bitter or for some other reason it's still private. There are some kinds of mistakes or silly and embarrasing situations you wish would go away, or least limited in scope to some good friends and for a limited time. Good luck with that in a digital world though...
Live today, because you never know what tomorrow brings
I speak from experience in that I was the one to bring this scam to the attention of myspace in the first place. And I cracked the first several codes they released. ( Having friends that work at myspace helps) They ran a site that released "trackers". These were bits of flash mostly that when loaded onto a users page cause anyone viewing that page to be victimized by a series of css or bad design exploits. These mostly took advantage of css through flash actionscript that was encrypted to obscure the actionscript (swfencrypt). As for their latest "unblockable" code: it was really lame. A flash file on the users page redirects you to a 3rd party site that looks like myspace (think pishing tactics) that then asks you to enter your email address that is associated with your myspace account to view the users page. So now they have your ip and your myspace account and how often you visted the users account. Frankly you'd have to be a moron to fall for this though. For an example check www.blendnet.com/verify.php (though I wouldnt recommend entering a valid email address since these guys still control this server. And should this give anyone an idea, don't bother, it's already been blocked) P.S. If there are any myspaceplus users reading this, you people are some of the dumbest forum posters on earth, we watched you all this entire time and you gleefully gave us everything we needed to find and crack these stupid little codes.
This had to fail, if everyone who found code issues in Myspace's programming wanted $150,000 they'd be bankrupt by Monday.