Technically Speaking

Rex Dixon – Professional BlogCaster

That MySpace Scam

Posted by rexdixon on November 22, 2006

It’s being reported on CNET today as the scam that all of us have heard about already. This is the one that is mainly attributed to MySpace; stealing of accounts and passwords. Back in the day, that was called being “owned”. Now with social networks as abudent and flourishing everywhere, it’s probably a good thing to post here to remind everyone of the scam.

Dubbed a reverse cross-site request, or RCSR, vulnerability by its discoverer, Robert Chapin, the flaw lets hackers compromise users’ passwords and usernames by presenting them with a fake login form. Firefox Password Manager will automatically enter any saved passwords and usernames into the form.

Technically Speaking, I also saw something on digg where some guy ended up posting a bunch of accounts and passwords for MySpace. I have said it before and I’ll say it again, MySpace needs to really beef up their server group.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: