Quick Links: SpywareGuide Greynets Blog | SpywareGuide Product Database | SpywareGuide Company Database | SpywareGuide Categories
SpywareGuide powered by FaceTime Security Labs
Search SpywareGuide Greynets Database & Site
Security Email Alerts & Updates
Search the Blog
 
Recent Posts
Categories
Monthly Blog Archives
Links
Subscribe
Subscribe to this blog's feed
About the Blog
About SpywareGuide Greynets Blog
Link to Us
Link to SpywareGuide.com

« The SmartBrowser Bait and Switch | Main | Gambing Site Promoted by...Gambling Bots! »

  • Webcam Bots Invade Myspace

Myspace has had a mighty beating lately due to people exploiting the network for their own ends - we've had Adware, Flash hacks, infections via banner adverts and now here's the next problem marching across Tom's lawn with big, muddy boots and trampling all the flowers. It's time to take a look at the seedier side of what goes on in Myspace - you've probably heard about "Myspace Bots", but not seen one in action. Well, today's your lucky day.

There are currently lots of near-identical profiles being created on Myspace at the moment, for some reason all called "Monica". No idea why, I guess they just like the name - at least they're not going to forget who's who. This is of some benefit to us, however, because it makes it easier to steer clear of fake-profile related trouble. It goes without saying to double check any Myspace users you encounter called "Monica" for the time being, especially if the text on the "about me" section of these profiles is all about being "different" and "individual" - and adding them to your MSN Messenger. Here's a screenshot of one of these profiles (note that the picture will change with each profile, but the "about me" text will remain (mostly) the same:

http://blog.spywareguide.com/upload/2006/07/mspcebtprofile1-thumb.jpg
Click to enlarge

Once added, talking to "Monica" will result in a bunch of Bot-style replies that all try to get you to pay for access to hardcore pornography webcams. The interesting part was trying to work out how much was automated, and how much was human-controlled. The first chat I had veered away from the "4 random replies and set to Away status" that all the subsequent sessions with Monica had - after all, when you're telling someone to "do a barrell roll" and asking them if they "like potatoes", yet all you get for your troubles is "check out my webcam!" it's the signal for a (not very advanced) Bot. It's entirely possible that the first chat was human controlled, but they had to stick to a script and not deviate too much. Ultimately it's all about the money, not random chat with some guy they're trying to extract payment from. Worth noting that if someone was talking to me the first time, they were quite happy to encourage me to join up, even though I mentioned I was twelve years old!

http://blog.spywareguide.com/upload/2006/07/mspcebtprofile2-thumb.jpg
Click to enlarge

You can see the results of some of these chats here - always good to see just how intelligent these things are (whether human or Bot!) As you'll see, the first chat definitely suggests some form of personality behind the screen - however, the rest are all 100% guaranteed conversations with automated scripts. Doh!

I can only imagine the money being brought in by a scam like this - fake profiles on Myspace have been around for some time, but a quick check of the message boards and forums suggest that this particular issue is taking off in a fairly major (and concentrated) way. It's the easiest thing in the World to create a bunch of fake profiles on Myspace, though to be fair, at time of writing Myspace have deleted a whole bunch of these accounts so proactive steps are being taken.

It's just a shame that they seemed to have missed one in the process! As I mentioned in this BBC article on the problems facing Myspace at the moment:

"Any site has an increased risk of attack where a lot of customisation is possible," said Mr Boyd. "This level of customisation is what both attracts people to use the service, and what causes the most security issues."

The problem faced by Myspace is that if you start locking down all the things the users like about the service in the first place, they'll simply move elsewhere - quite the dilemma! However, somehow they need to educate their users to see that, sometimes, restrictions can be a good thing. The good news is, there are plenty of tech support and Spyware help groups on Myspace and they're doing an extremely good job of educating the everyday users there. We need to see much, much more of this kind of activity if Myspace is to begin clawing back the security of both its own service and that of its userbase.

Of course, if any of you Myspace users ever see anything you think is dubious going on - be it Adware, fake profiles or anything else - feel free to drop us a line here. We'll happily go check it out and see if we can get something done about it.

Stay tuned to Spywareguide, because we'll be looking at more common (and not so common!) scams and other such shenanigans going on in Myspace land - tomorrow, we'll be looking at a nice (!) example of Gambling software being pushed with (clearly fake) user profiles.

Looks like someone's number is up...

  • TrackBack

Listed below are links to weblogs that reference Webcam Bots Invade Myspace:

» Gambing Site Promoted by...Gambling Bots! from The SpywareGuide Greynets Blog
Yesterday I wrote about fake Myspace profiles leading to pornographic webcam sites - today, we're looking at a variation on the theme. However, the end result this time is not naked ladies, but gambling software. The profile uses the same... [Read More]


Site EULA | Site Map | Contact Us | About Us | Site and Spyware FAQ | Advertise | RSS Feeds  | Link To Us | SpywareGuide JapanJapanese

© Copyright 2006, FaceTime Communications, Inc. All rights reserved.