Yeah, I know. Picking on Tom is akin to pushing a kid with Down Syndrome and Cerebral Palsy onto a lake covered by a thin layer of ice. I guess this just makes me a big mean bully, but the dude should know better than to post garbage when a zillion people are going to read it.

Here’s his latest announcement that splashed across millions of screens yesterday:

Now, let’s rip that apart to see what he was really saying…

continue reading "MySpace Tom’s Latest Announcement - The Deciphered (No BS) Version"

In case you haven’t heard…

There’s a zillion billion news stories going around about MySpace filing suit against Scott Richter who is fairly well known as the “Spam King”. He picked up that name after owning a clothing line that used it (in violation of someones trademark, naturally) and for… Well, being one of the biggest shit-bags to ever grace the net with massive loads of spam.

The suit filed by MySpace alleges that Richter and his company; OptInRealBig which is the parent company of the CPAEmpire.com CPA network, has been spamming MySpace users via bulletins from phished accounts. This isn’t shocking news to me since I busted someone sending traffic to CPAEmpire affiliate links in that exact fashion over a month ago.

If the rumor mill is correct, Scott Richter is simply the beginning of this. Apparently, MySpace plans to file similar suits against over 20 ad networks. Since that suit against Richter has been filed, this is no surprise either.

The below are some excepts from a email convo I had with a MySpace employee back in June of 2006. He initiated the correspondence after reading something I wrote about the adult webcam spam (NSFW) that’s extremely popular on MySpace.

“I’m curious what advice you have for us? We have a good team on it, but don’t have the inside perspective you do ”

“My idea is extremely simple: Sue them. And, have them reprimanded any way you can from a criminal standpoint… You guys have a ton of claims that could be made… negative effect on your brand, hurts your CPM rates, ruins user experience, etc.”

Well, it looks like they’re finally going to be smart about this. Or, are they? There’s some major issues that come along with the “sue the bastards” approach…

continue reading "MySpace’s Offensive Against Spam - Awesomeness Or Huge Screw-Up?"

About a week back my buddy Paul Wood from MessageLabs received a friend request from “some lovely lady – ahem” on MySpace. If you’re a regular over at the trailer park of the interweb, you’re more than use to getting bogus friend requests from fake profiles being used to market some nonsense, phish your password, or get the ball rolling on yet another worm. Paul’s new sweetheart was no exception.

The hustle in question was / is just a copycat version of the old “MySpace Content Viewer“. Not a bad hustle to copy since I’m sure it was / is insanely effective at getting eRetards to download a payload of nastiness. When you completely rip off the idea of another dip-shit you’re suppose to do one of two things though…

continue reading "Lamest attempt at spreading a payload of evilness… ever."

For the love of strippers and one dollar bills, you would think that the QuickTime mess over at MySpace would be over by now. Well, it’s not. Here we are with a new QuickTime worm over 30 days after MySpace and Apple completely botched up their security patch effort which resulted in a goofy blame game and MySpace Tom getting Pwned. About the only thing it didn’t result in was a patch that actually worked. The kicker about this “new” worm is that it’s anything but new. It’s using the exact same JavaScript from the last worm.

How do you know it’s the same JavaScript???
Because it still has comments in the code made by Billy Hoffman of SPI Dynamics from when he posted it.

Meaning exactly what?
The lamer behind this worm swiped the code from a site whose purpose in posting it was to “learn more about these types of worms and help other online applications and communities protect themselves”. In all fairness to Billy Hoffman and crew: they didn’t even post the code until after MySpace had supposedly patched the issue.

To add even more unoriginality to this worm, it added some text to everyone’s Hero section who got infected:

Sorry Nathan, but you ain’t no Samy. Adding a couple snippets of code and removing a few from someone else’s scripting doesn’t make you a super hacker genius. It does make MySpace look like total retards though. lolz

As of right now, this worm has been neutrilized by MySpace. They added the current url the files are sitting on to their filter list (crosssiterequest.somee.com). Of course they had just finished getting all those files pulled from a free 110mb.com hosting account. So, this kid will likely just keep jumping from free host to free host with this crap.

“MySpace Still Plagued By QuickTime Worms”
Yeah, I put that “s” in the title of this post on purpose. This isn’t the first “new” worm I’ve noticed on MySpace. They had one going around that added “Anthony G is my Hero” with the “G” linked to a MySpace profile. And, another one that was/is changing people’s display names. And, and, and… I haven’t been on MySpace much lately, but I’m sure there have been others.

A few weeks back I posted this blog entry predicting that QuickTime embeds would be used for upcoming MySpace worms and other evilness. Sure enough, ten days later I broke the story of the latest worm to hit MySpace. After my buddy PaperGhost wrote about it on his personal and company blogs it exploded all over the interwebz.

The cleanup process has been laughable at best so far. Brian Krebs over at the Washington Post slammed Apple and MySpace for the “yes, we is be retarded” move of having MySpace distribute a patch for QuickTime. And, MySpace has been playing the blame game by insinuating that Apple is at fault for the worm.

continue reading "Myspace Tom Pwned While Trying to Blame Apple"