Myspace: March 2008 Archives

Myspace hacking tools are a magnet for wannabe script kiddies and leet hax0rs. Here's the latest one I've seen in the last couple of days:


....ooooh. But wait, it gets better:


I've no idea who "Paul & Nick" are, but they'll probably attract a fair amount of people to this application (that weighs in at a tiny 24kb in size) before they realise it's a fake. Enter the Myspace page that you want to target (or leave it blank!), hit the "Hack" button and....


Whoops. Thanks to a line of code that says this:

00002A24 00402A24 0 shutdown -f -s -t 0

...the PC (as you probably already guessed) does indeed shutdown:
Click to Enlarge

No lasting harm is done to any PC that the file is run on. We detect this as Myspace.Shutdown.

Research Summary Write-Up: Chris Boyd, Director of Malware Research
Additional Research: Peter Jayaraj, FSL Senior Threat Researcher

Here's an interesting twist on the usual fake profile invites I regularly receive on Myspace.


Normally, you click the link and are taken to a standard fake profile advertising webcams or something of a similar nature. If you refresh the page, you'll see the same content - just like a regular Myspace profile. Well, in this case the code used by the bad guys means the page is no longer static. Refreshing the spam profile will endlessly cycle through a whole raft of fake overlays and images:
Click To Enlarge The Above 4 Images

All of the above pop up on the profile link I was sent (you can see the URL remains the same in each screenshot).

How do they do it? Well, they're overlaying the profile page with a large clickable image, a common tactic that was used in the Myspace band hacks from a while ago. Here's the code:


In other words, a random image (made to look like a Myspace profile) is served from here:


And clicking it will take you here:


Which redirects you to


...before finally leaving the end-user at the eventual destination of teen(dot)livecamfun(dot)com. The curious thing is, why would you bother to make your spam profile pages dynamic in this way? Once you've seen one, you leave it and don't go back. I can't imagine someone revisiting the page simply because the images keep changing...


About this Archive

This page is a archive of entries in the Myspace category from March 2008.

Myspace: February 2008 is the previous archive.

Myspace: April 2008 is the next archive.

Find recent content on the main index or look in the archives to find all content.