MySpace Phish Grabs 56000+ Usernames and Passwords
It would seem that a lot of people still haven't learned to check their address bar before logging into a page... I say "a lot" because at least 1 or 2 of the 56000 users taken in by http://www.marcolano.com/login (Google cache) provided false information.
I actually feel quite bad for the users involved in this phishing attempt. Normally your password is obtained only by the person running the phish; here, however, someone felt the need to publish a link to the list of captured passwords as it was being created. After the site was taken down, someone had the "genius" thought of circulating this list on the Full Disclosure mailing list.
A quick whois of the domain provides the following details:
Domain name: marcolano.com
Registrant Contact:
LunarDev Productions
Marc Olano (marcolano@hotmail.com)
+1.8583738773
Fax: none
1252 Grand Avenue
San Diego, CA 92109
US
I've fired off an email to Marc to see if he was responsible or if it was a website compromise. If he was responsible, I've also asked him what his motivation was, although I doubt I'll receive a response. I've also fired off an email to MySpace in case they were unaware of the issue (which seems doubtful), and I find it interesting that they don't have a generic security contact address that's easy to find on their website. This is something that all major websites should have, in my opinion, easily viewable on their main page.
I would like to note that this page was submitted to the Firefox 2.0 Phishing Protection page. As soon as I attempted to visit the page, even though the server was down and no page was loaded, I received a warning about the site being reported as a fake.
[UPDATE] Brian Krebs has published an article in which he breaks down the captured passwords: the most common passwords, the number of unique passwords, and a count of passwords by length.
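As an added illustration (not code from this post or from Krebs' article) of the kind of breakdown described above, the script below computes the same three statistics over a leaked password list: the most common entries, the number of unique entries, and a histogram of lengths. It also adds a composition breakdown (digits only, letters only, mixed), which goes slightly beyond what the post mentions. The input list is a small constructed sample, not the real MySpace data.

```python
from collections import Counter

# Constructed sample standing in for a captured password list.
# It is NOT the real MySpace list; the values are made up for this example.
SAMPLE_PASSWORDS = [
    "password1", "abc123", "password1", "myspace1", "iloveyou",
    "abc123", "password1", "soccer", "monkey", "iloveyou",
    "fluffy", "abc123", "123456", "password1", "qwerty",
]


def composition(password):
    """Classify a password as 'digits', 'letters', or 'mixed' (anything else)."""
    if password.isdigit():
        return "digits"
    if password.isalpha():
        return "letters"
    return "mixed"


def password_stats(passwords, top_n=3):
    """Return the breakdown Krebs-style analyses report for a leaked list.

    total            -- number of captured entries (duplicates included)
    unique           -- number of distinct passwords
    most_common      -- the top_n passwords with their occurrence counts
    length_histogram -- {length: how many entries have that length}
    composition      -- {'digits'|'letters'|'mixed': count}
    """
    counts = Counter(passwords)
    lengths = Counter(len(p) for p in passwords)
    kinds = Counter(composition(p) for p in passwords)
    return {
        "total": len(passwords),
        "unique": len(counts),
        "most_common": counts.most_common(top_n),
        "length_histogram": dict(sorted(lengths.items())),
        "composition": dict(kinds),
    }


def reuse_ratio(passwords):
    """Fraction of entries whose password also appears elsewhere in the list.

    A high ratio means many victims picked the same few passwords, which is
    exactly what makes such a list valuable for guessing attacks elsewhere.
    """
    counts = Counter(passwords)
    repeated = sum(n for n in counts.values() if n > 1)
    return repeated / len(passwords) if passwords else 0.0


def print_report(passwords):
    stats = password_stats(passwords)
    print(f"entries: {stats['total']}, unique: {stats['unique']}")
    print("most common:")
    for pw, n in stats["most_common"]:
        print(f"  {pw!r}: {n}")
    print("by length:")
    for length, n in stats["length_histogram"].items():
        print(f"  {length:>2} chars: {n}")
    print("by composition:", stats["composition"])
    print(f"reuse ratio: {reuse_ratio(passwords):.2f}")


if __name__ == "__main__":
    print_report(SAMPLE_PASSWORDS)
```

Running the script prints the report for the constructed sample; point `print_report` at a real list (one password per line, read into a Python list) to reproduce the same breakdown on actual data.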
Peace,
HT

I’m a victim here. Someone hacked into my domain account, set up those hacks, and phished accounts on MySpace… but we have since resolved the issue. I apologize if you have been victimized as well, but really, think about it. If I were a hacker, why would I use my own domain, that I’ve had up the last three years, and jeopardize something like this happening? Believe me or not. But it’s the truth.
-Marc
Thanks for the comment, Marc… Apparently my spam filter caught the post. I just saw it now while I was going through the list to clean it out. And what you say does make sense…
HELP!!!!!!! OK, whenever I try to log in to MySpace I get a server error page with big red writing and loads of stuff about runtime errors, custom errors, configuration and loads of other stuff I can't understand. I think this is a virus… My page is still there but I can't log in. Can't look at anyone's photos either. Can't contact MySpace. This stupid page comes up every time. How do I get rid of the virus? Does anyone know? Or is anyone else having the same shit?
Would appreciate any clues! Peace, A