Hacker's MySpace profile deleted
Las Vegas - By the time Rick Deacon was finished showing hackers in Las Vegas how to take over MySpace profile pages, he was evicted from the social networking website and the weakness fixed.
The United States college student uncovered a MySpace vulnerability months ago and shared his discovery at DefCon, the largest gathering of computer hackers in the world.
"In retrospect..."
"Obviously they weren't happy about it," Deacon said after he finished his presentation, checked his email and saw a message from MySpace telling him his account was deleted for "violating terms of service."
"In retrospect, I should have used a dummy account."
Deacon's attack relied on duping MySpace users into clicking rigged links, perhaps in online forums or bulletin boards, which routed them to a file that steals passwords and identifying information stored in software "cookies."
Hackers could take control of users' profiles and use them as springboards for more attacks or to infect users' computers with viruses, according to Deacon.
"It's fixed now as far as I can tell," Deacon told AFP. "I'm actually proud of them for finally patching it."
"I'm actually proud of them for finally patching it."
Deacon said he created a new MySpace account but has no plans to hunt for a new way to hack the website.
"If you talk to them, tell them I'm sorry," Deacon said. "I'll keep my new MySpace account as what it should be, a place for talking to my friends." - AFP
source: www.ioltechnology.co.za
The United States college student uncovered a MySpace vulnerability months ago and shared his discovery at DefCon, the largest gathering of computer hackers in the world.
"In retrospect..."
"Obviously they weren't happy about it," Deacon said after he finished his presentation, checked his email and saw a message from MySpace telling him his account was deleted for "violating terms of service."
"In retrospect, I should have used a dummy account."
Deacon's attack relied on duping MySpace users into clicking rigged links, perhaps in online forums or bulletin boards, which routed them to a file that steals passwords and identifying information stored in software "cookies."
Hackers could take control of users' profiles and use them as springboards for more attacks or to infect users' computers with viruses, according to Deacon.
"It's fixed now as far as I can tell," Deacon told AFP. "I'm actually proud of them for finally patching it."
"I'm actually proud of them for finally patching it."
Deacon said he created a new MySpace account but has no plans to hunt for a new way to hack the website.
"If you talk to them, tell them I'm sorry," Deacon said. "I'll keep my new MySpace account as what it should be, a place for talking to my friends." - AFP
source: www.ioltechnology.co.za
