New Myspace Feature Gives Green Light To Spammers

| | Comments (0)

If you happen to be a musician on Myspace, you'd have seen the following update from Tom yesterday:

newmspacehck2.jpg

"we have been working on a new feature that allows bands with over 10,000 friends to automatically approve friend requests to save you some time."

Myspace just made it a walk in the park for Spammers to plaster the most popular pages on Myspace with pill adverts, dubious redirects, porn spam....whatever they feel like. Previously you had to be a friend (added manually) to leave a comment on someone's page:

newmspacehck4.jpg

Not anymore!

Remember the Myspace band hacks from a while ago? These are still taking place, with what looks like a few new malicious domains thrown into the mix (thanks to JetKing for the tip):

http://blog.spywareguide.com/upload/2008/01/newmspacehck1-thumb.jpg
Click to Enlarge

Note the ".cn" domain in the bottom left hand corner. This will of course redirect you to a fake media codec install:

http://blog.spywareguide.com/upload/2008/01/newmspacehck3-thumb.jpg
Click to Enlarge

Considering band pages are a huge target for Myspace hackers at the moment, this new policy - effectively a green light to as much profile spam as you can handle - allows links to this kind of redirect to be pasted all over music profiles with no need for the page owner to approve anything first.

Has this move been brought about by people working on behalf of the most popular artists complaining about the amount of friend requests they have to manually approve? Possible, given the content of a Bulletin sent out by a band (and passed onto me by a contact who received it):

"Title : THERE IS A GOD!!!!!!!!!

Incase you're wondering why I posted this, dear **** band's fans, adding 250-300+ people EVERY SINGLE DAY FOR THE PAST 4 YEARS, hasn't been my idea of a good time. So MySpace has FINALLY listened to the bands moans, mine included! I sent them an email about this late last year and by god, they listened!"

However, the cost of an automated process like this is to give people with malicious intent permission to post whatever they want, whenever they want - simply by starting the ball rolling with a friend request to anyone with more then 10,000 people on their friends list. Of course, some profiles will have comments moderation enabled - but if the people using the auto-add feature are using it to save time in the first place, why would they bother to wade through hundreds of moderated comments too?

Myspace are having enough problems as it is, recently - why add to them needlessly?

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on January 18, 2008 12:52 AM.

Myspace Prank Relocates You To Japan was the previous entry in this blog.

Myspace Fake Profile Spammers: This Is How They Do It is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.