MySpace Group Hacked And Deleted

[zoobyshoe]

Last night someone hacked the World Artist's Network, which was MySpace very largest forum, and deleted the whole thing.

For hours I couldn't log on and thought it was just a server problem or something someone could easily fix. Instead, today, word started filtering around that someone had deliberately sabotaged the forum.

I am really surprised that someone could do this. By which I mean, that the forum isn't better protected from this sort of thing. Someone said it's happened to other forums there as well.

The moderator instantly contacted the MySpace central control, but, surprisingly, they haven't replied yet or done anything to try and recover the forum. In the mean time he started a new forum where people could gather, and survivors of the deleted forum have been straggling in all day, suffering from withdrawal and shock.

They located the profile from which the hacking took place but the person claims their profile, itself, was hacked and used as a base to perform the sabotage.

 

[hypatia]

Myspace has never been noted as being well protected. From what I hear, its a easy hack.
Even the blogs on my own Myspace, are backed up in another site.
Sorry to hear about that group being hit.

 

[dontdisturbmycircles]

If there are a lot of people on the group, perhaps your own server/forum website would be a viable option. I don't have much experience with myspace so I am not sure.

It's pretty sad how one or two people can derive pleasure by ruining a good thing. :/

 

[matthyaouw]

Does myspace allow backups to be taken? When I helped run a messageboard elsewhere, they were known to be vulnerable so it was routine to backup the database weekly. Then it was simply a case of restoring it to the most recent backup when it went down. Its quite sad the amount of times I've seen a group lost because the owner couldn't be bothered to do this routinely.

Its a shame that people feel the need to do things like that.

 

[zoobyshoe]

I have no idea how any of this operates. The moderator and the MySpace owners are going to have to sort it out. There was a massive number of members in this group, but probably only about 100 active members at any given time.

There's a rumor it was the saboteur's revenge for having his artwork criticised and dismissed, but so far that's just a rumor.

 

[moose]

One of my friends was telling me that he made a script that saved a backup of his forums to his server and to gmail once every few days. Kinda neat. Then once in a while, he would make a hard copy of all of the backups... Worked pretty well.

 

[zoobyshoe]

It was, inexplicably, back up and online for a few hours today, then went down again. The moderator has no idea what happened. There's very little communication between the people who start and run these forums and the technical people who keep MySpace operational. They still haven't gotten back to him about any of the problems.

 

[zoobyshoe]

Here is a post from the group leader:

Tommy Brown wrote:
Here is an email I have sent to two different myspace help profiles. Feel free to send them messages too. Their URLs are listed below.

Hi.

I was the moderator of the World Artist Network, which was the largest group on MySpace, until some hackers hacked into my account and deleted it. This happened just Sunday night and the MySpace support got right on it and my group was restored by Monday night, but unfortunately someone deleted it again.

Here was the URL of that group: http://groups.myspace.com/wan

I have a lot of angry members who want to get back to posting art and discussing art. You'd be amazed!

Anyway, I am copying and pasting an email I got from a myspace member who tried to explain it to me. See below.
Your group was deleted by a group deleting hack/exploit that's being passed around. Several of the larger MySpace groups have been deleted because of this.

Did you view the profile of the person who sent you the message? If so, this is what got your group deleted. The "hacker"'s profile contained a malicious code that, upon being viewed, forces you to resign from your own group thus rendering the group "invalid."

Your group can be restored, though. Try sending emails to these people:

myspace.com/myspacehelp
myspace.com/customercare

Good luck (and be careful when viewing suspicious profiles). [/color]Please let me know if I can get my group restored once again.


Tommy Brown

This part sounds strange to me:

Did you view the profile of the person who sent you the message? If so, this is what got your group deleted. The "hacker"'s profile contained a malicious code that, upon being viewed, forces you to resign from your own group thus rendering the group "invalid."

Is it really possible to be affected by simply viewing something? Doesn't the hacker have to send something into your computer via a cookie or something?

 

[EmilK]

Is it really possible to be affected by simply viewing something? Doesn't the hacker have to send something into your computer via a cookie or something?

For more MySpace related issues with exploits, http://www.securityfocus.com/swsearch?sbm=%2F&metaname=alldoc&query=myspace&x=0&y=0 gives an interesting look at the security. Or lack thereof, I should say. They have almost frequently gotten targeted by XSS exploits.

 

[zoobyshoe]

For more MySpace related issues with exploits, http://www.securityfocus.com/swsearch?sbm=%2F&metaname=alldoc&query=myspace&x=0&y=0 gives an interesting look at the security. Or lack thereof, I should say. They have almost frequently gotten targeted by XSS exploits.

What are XSS exploits? Some kind of hackers club?

 

[EmilK]

What are XSS exploits? Some kind of hackers club?

Cross site scripting (XSS) is a type of computer security exploit where information from one context, where it is not trusted, can be inserted into another context, where it is. From the trusted context, an attack can be launched.

Some in-depth information about the XSS exploits on MySpace, you could read this