Hackers target Alicia Keys MySpace page

By Ellen Messmer, Network World
November 08, 2007 09:58 PM ET

The MySpace page of pop singer Alicia Keys appears to have been hacked and is emitting exploit code that can trick visitors to the page, according to a security vendor.

The MySpace page appears to have been compromised with an image of 8,000 pixels by 1,000 pixels, like a blank image, says Roger Thompson, a researcher at Exploit Prevention Labs. “The blank image is overlapping the page,” he says. “It’s in the background. If you happen to click on it, it takes you off to a place in China, which tries to get exploits into your system.”

Someone clicking the Keys page at random might touch the exploit image and be presented with a page that says you need an ActiveX control to see the page, Thompson says. “It’s a trick to get you to click on it and receive malicious code.”

Thompson, a malware expert, says it’s the first time he’s seen this type of image-based exploit code, which he describes in this video. Thompson says it isn’t clear whether just a few pages on MySpace have been compromised in some way or whether there’s a broader hack of MySpace.

Related Content

Exploit Prevention Labs has notified MySpace about the issue. Other bands on the MySpace entertainment page that appear to have been hit by a similar exploit are Greements of Fortune, a French funk band, and Dykeenies, a rock band from Glasgow.

Read more about security in Network World's Security section.