Computerworld: Glory Hunter Hacks MySpace Pages of Timberlake, Hilary Duff

Several celebrity MySpace.com sites were defaced Wednesday by someone hoping to impress a hacker crew, a security researcher said Friday, a motivation of yore that harks back to when hackers sought notoriety rather than credit card numbers.

A hacker identified only as “Tesla” broke into the MySpace pages of model/singer Tila Tequila, singer Justin Timberlake and actress/singer Hilary Duff, said Chris Boyd, the director of malware research at FaceTime Communications Inc. After accessing the page, Tesla replaced some of their original text with his own.

“HEY TESLA HERE. JUSTIN TIMBERLAKE HAS BEEN HACKED BY ME,” Tesla slapped on Timberlake’s page.

“HEY THIS IS TESLA AND I DECIDED TO HACK TILA’S MYSPACE. SHOUTS AT KRYOGENIKS.ORG,” the hacker wrote on Tequila’s page. In another message posted to the page the hacker said: “I like to hack I think Tila’s a hottie and uh I wanna join team kryogeniks!”

“This guy’s idea was to impress others, so he went on a rampage on MySpace,” said Boyd, who managed to capture screenshots of the defaced pages before they were cleaned Thursday. “But all his shoutout to this ’Team Kryogeniks’ did was get the forums at kryogeniks.org suspended [by its hosting service].”

Unlike other MySpace breaches, including the one last month that hacked pages belonging to numerous bands and musicians, among them Alicia Keys, this week’s did not plant malicious code or try to infect visitors with Trojan horses and other malware. “This is a very unusual hack,” Boyd agreed. “There are still some people who are in it for the glory, I guess.”

The vast majority of attacks are launched with profit in mind, a turn-about several years ago from the longer-running tradition among hackers that motivated them to hijack computers for notoriety among their peers.

“Most hackers today would see this as a missed opportunity,” Boyd continued, “because he didn’t add anything else to these pages. Once he’d hacked the pages, theoretically he could have placed malicious content on them.”

The attention drawn to kryogeniks.org resulted in its Connecticut-based hosting service suspending its account. As of Friday, the site was still offline, but attempts to reach it were being redirected to a message that denied the existence of Team Kryogeniks. “There is NO SUCH THING as ’team kryogeniks,’ and if there is, it has nothing to do with this site,” the message claimed.

Even if that’s not true, it doesn’t look like Tesla is in Kryogeniks’ good graces, Boyd said, and Kryogeniks’ message echoed that. “Also, we have nothing to do with Myspace.com and all profiles on that site being extremely insecure, and apologize to anyone who is unfortunate enough to have their MySpace accounts hacked due to the ease in which MySpace makes it for idiots with no technical skills to hack,” the site stated.

Boyd, for one, didn’t know how Tesla broke into the MySpace pages, but he might have been done it with a one-two punch of a phishing attack to steal legitimate log-in credentials combined with a cross-site scripting attack. “I would hope it’s phishing,” Boyd said, “because otherwise it’s another vulnerability in MySpace.”

MySpace did not respond to a request for comment.

By Gregg Keizer, Computerworld (US online)