In association with heise online

16 January 2007, 12:26

Phishing website collected 57,000 logins from MySpace users


A file containing around 57,000 sets of login data for the social networking website MySpace.com, harvested by a phishing site, was left publicly accessible on the web. A large number of MySpace users were evidently caught out by an imitation site which looked like MySpace.com; the link to it was sent out in phishing e-mails. Many of the victims were also evidently not using anti-phishing protection: the built-in anti-phishing filters in Firefox 2 and Internet Explorer 7, as well as the Netcraft toolbar, all recognised the site as a fake. The site has since been taken down.

On being made aware of the data by a posting on the security mailing list Full Disclosure, security specialists took the opportunity to analyse the passwords. Brian Krebs of the Washington Post has produced a list of the top 20 most popular passwords:

password1
abc123
swimmer1
iloveyou1
monkey1
****you
123456
myspace1
****you1
i
password
babygirl1
iloveyou2
football1
danny12031986
blink182
princess1
freesh**4me
16188s
123abc

(* indicates letters censored by Krebs)

Some of the user names and passwords suggest that visitors to the faked site were well aware of where they had ended up:

Screwyouphishers:hahascrewyou
youmustbecompleteretards at idiot.com:doyouhonestlythinkiwillputmyrealpasswordhere

According to Krebs, the 57,406 records contained only 37,621 unique passwords. Even so, almost 13,000 passwords were at least eight characters long, almost as many were nine characters long, and 47,854 contained at least one digit. Krebs notes that these results confirm an analysis by Bruce Schneier of an earlier MySpace attack which stole 34,000 sets of login data from users.
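The figures Krebs reports (record count, unique passwords, length distribution, passwords containing a digit, most frequent passwords) can be reproduced over any dump in the usual user:password format with a short script. The following is an added example, not Krebs' tooling and not code from the original article; it runs over a small constructed sample embedded in the script, and it adds one extra check not in the article, a count of passwords that are simply a word followed by digits, the pattern that dominates the top-20 list above.

```python
import re
from collections import Counter

# Constructed sample in the user:password format of the leaked file.
# Includes duplicates, a password containing ':' and one malformed line,
# so the parser's handling of each can be seen.
SAMPLE_DUMP = """\
alice@example.com:password1
bob@example.com:abc123
carol@example.com:password1
dave@example.com:monkey1
erin@example.com:iloveyou1
frank@example.com:123456
grace@example.com:swimmer1
heidi@example.com:password
ivan@example.com:babygirl1
judy@example.com:danny12031986
mallory@example.com:abc123
niaj@example.com:Tr0ub4dor&3
oscar@example.com:pa:ss:word
this line has no separator and is skipped
Screwyouphishers:hahascrewyou
"""

# "word followed by digits", e.g. password1, monkey1, danny12031986
WORD_PLUS_DIGITS = re.compile(r"^[A-Za-z]+\d+$")


def parse_records(text):
    """Return a list of (user, password) tuples.

    Splits on the first ':' only, so a password may itself contain ':'.
    Blank lines and lines without a separator are skipped.
    """
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue
        user, password = line.split(":", 1)
        records.append((user, password))
    return records


def password_stats(records, top_n=20):
    """Compute the per-record statistics Krebs reported, plus the word+digits count."""
    passwords = [pw for _, pw in records]
    counts = Counter(passwords)
    lengths = Counter(len(pw) for pw in passwords)
    return {
        "records": len(passwords),
        "unique": len(counts),
        "with_digit": sum(1 for pw in passwords if any(c.isdigit() for c in pw)),
        "min_8": sum(1 for pw in passwords if len(pw) >= 8),
        "word_plus_digits": sum(1 for pw in passwords if WORD_PLUS_DIGITS.match(pw)),
        "lengths": dict(sorted(lengths.items())),
        "top": counts.most_common(top_n),
    }


def print_report(stats):
    """Human-readable summary of password_stats() output."""
    n = stats["records"]
    print(f"records: {n}, unique passwords: {stats['unique']}")
    print(f"contain a digit: {stats['with_digit']} ({100 * stats['with_digit'] / n:.0f}%)")
    print(f"at least 8 chars: {stats['min_8']} ({100 * stats['min_8'] / n:.0f}%)")
    print(f"word followed by digits: {stats['word_plus_digits']}")
    print("length histogram:", stats["lengths"])
    print("most common:")
    for pw, c in stats["top"]:
        print(f"  {c:>3}  {pw}")


if __name__ == "__main__":
    print_report(password_stats(parse_records(SAMPLE_DUMP)))
```

Counts are taken per record rather than per unique password, which is how the article's figures (47,854 of 57,406 containing a digit) are expressed; switch to iterating over `counts` instead of `passwords` if per-unique-password figures are wanted. The last sample line reproduces the case from the article of a "victim" who clearly knew where they had landed.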

It remains unclear what the phishers intended to do with so many MySpace accounts and e-mail addresses. Krebs expects them to be used to distribute spam. In addition, because users often use the same passwords for various services, the fraudsters could try to gain access to other accounts, such as eBay, Amazon, PayPal or Skype.

(ehe)

Permalink: http://h-online.com/-732122