Blog
Previous Posts
January 2007| 01/26/2007 | Company Information Leakage and Web Search » |
| 01/23/2007 | What's In A Link » |
| 01/12/2007 | New MySpace Phish using CSS. » |
| 01/04/2007 | Multi-hack...defaced site hosting Phish. » |
| 01/02/2007 | MOTW: "Skype" Trojan Analysis » |
+ December 2006
+ November 2006
+ October 2006
+ September 2006
+ August 2006
"this chick is using like almost all of ur pix and part of ur profile.. people have no lives, i swear. heres the URL if u want to check it out"
Followed by a link to their Myspace page. The page itself is hosted within the Myspace.com domain and is a users profile page. Upon accessing the site the user is presented with their login credentials.
A couple things to note here. The code writer took special note to change the authentication picture to show that it says, “profile.myspace.com” instead of “login.myspace.com” as it normally should. One mistake the code writer made was that he did not create a password field which hides the password while the end user types it in.
The attacker used code within a Cascading Style Sheet (CSS) to overlay the main user profile and present their own text and images. If users enter in their credentials the information is posted to a website which is hosted in the United Kingdom.
Myspace Message:
Myspace Login Site:
Users (attackers) Profile:
