Hackers seize Alicia Keys’s MySpace page, launching malware attacks

Malicious hackers have seized control of several high-profile MySpace pages and using rigged image backgrounds to launch drive-by malware attacks.

According to anti-malware guru Roger Thompson, the official MySpace page for singer Alicia Keys was among those booby-trapped to attack visitors who clicked almost anywhere on the site.

Thompson, chief technology officer at Atlanta, Ga.-based Exploit Prevention Labs, discovered that when a visitor loads the infected MySpace pages, they’re first hit by an exploit that installs malware in the background if the user is running an unpatched Windows machine.

Next, the attackers use a fake codec to lure victims into manually launching an exploit. This will infect a fully patched machine because the social engineering lure ensures that victim willingly installs the malicious software.