MySpace Accounts Compromised By Phishers

An anonymous reader writes, "Netcraft has discovered that the social networking site MySpace appears to have been compromised by phishers who have presented a spoof login form on the main site. This modified login form submits the victim's username and password to a remote server hosted in France." From the article: "The hackers have engineered a fake login form on MySpace's own web site. Netcraft has notified MySpace of the issue, although it currently remains live. Because the fraudulent login page is hosted on MySpace's own servers and does not exhibit any signs of external content, such as cross-site scripting or open redirects, it is convincing and even security-conscious users are at risk of becoming victims. The attack is launched from a profile page, where the username is login_home_index_html, and uses specially-crafted HTML in order to hide the genuine MySpace content from the page and instead display its own login form." This Washington Post story from a few months back explains what's in it for the phishers.

Finally

[1310nm]

Keep up the good work, phishers!

The secrets of apathetic teens will soon be aired for the world to view!

Netcraft confirms

[Aexia]

MySpace is dying

Re:I'm in love with Osaka

Jep, the testosterone is definitely tumbling....

Re:Not quite.

[Fred_A]

Almost 41% of MySpacers are aged 35 to 54 - a big increase since last year.

So it's TheirSpace now ?

Re:Maybe I caused the slow discovery

Yes, all the internets depend on you for security. Please, think of the children next time and stop reporting security holes.

Re:Maybe I caused the slow discovery

[Packt]

"Dear diary... mood? Apathetic."

So ... why is this a bad thing?

[Ravear]

Hay guyz i hav this gr8 idea i tink i shud take a pikkchur of myself in da mirrur holding teh camerah at a weiurd angle isnt that original guyz? Amirite?

War is fun when you hate both sides.