Poor Alicia Keys. All she ever wanted to do was spread the gift of music to the public, and now her MySpace page is under siege. A group of researchers at Exploit Prevention Labs found that when users click on just about any part of the singer's profile, they're redirected to co8vd.cn/s, which The New York Times believes to be a Chinese malware site. A pop-up then appears, prompting them to install a codec to view a video. Click 'yes,' and, well, you're in trouble.
The researchers have found similar hacks on pages for French funk band Greements of Fortune and Scottish rock band The Dykeenies.
"Security and functionality exist in an inverse relationship," Exploit Prevention Labs' chief technology officer told the Times. "The more functional you make anything, the less secure it tends to become."
MySpace contacted the paper after the original story ran, and not surprisingly, passed the buck, suggesting that the fault--at least in part--lay with users who fell for phishing e-mails. "Individuals who try to phish our members are violating the law and are not welcome on MySpace," a spokeswoman told the Times. "We have blocked and removed the source of this phishing attempt and restored the profile."
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment