« ModSecurity 2.0 is out | Main | Identifying Risks in the Development Cycle »

MySpace Accounts Compromised By Phishers

"MySpace, appears to have been compromised by phishers who have presented a spoof login form on the main site"


"Because the fraudulent login page is hosted on MySpace's own servers and does not exhibit any signs of external content, such as cross-site scripting (XSS) or open redirects, it is convincing and even security-conscious users are at risk of becoming victims. The attack is launched from a profile page, where the username is login_home_index_html, and uses specially-crafted HTML in order to hide the genuine MySpace content from the page and instead display its own login form."

Article Link:


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!