[Previous entry: "Best Practice for securing E-Business Suite updated"] [Next entry: "Jonathan Lewis has a new weblog"]
myspace hacked
October 30th, 2006 by Pete
Post to del.icio.us
Post to Furl
I saw an interesting post this evening on NetCraft titled "Myspace Accounts compromised by Phishers". This is not an Oracle security issue but interesting all the same as its a good example of the latest trend in website attacks where the hacker is able to compromise the host site to trick users into clicking on a link that takes them to a remote site, in this case to steal password details. In this sort of attack its difficult to detect because the user is still on the real site. The hackers (I dont know if this is how they have done it) use Javascript and iFrames to redirect the user. I saw a great demo of this type of attack at BlackHat this year where the tchniques was used to attack a PC on the internal network on an internal IP address.
