A couple of hackers have launched a campaign to draw attention to MySpace vulnerabilities, which it hopes will make more of a splash than January's month of bugs for Apple's software. The campaign has got off to a slow start, however, as even the hackersadmitted
"Note, it's a pretty light one, seeing how today is Sunday, and we don't really expect the crack MySpace Security Squad to actually do a lot of code changes on Sunday," they wrote. "So, we went with one they probably don't care about, and isn't terribly dangerous on its own."
The hackers, who go by the names Mondo Armando and Müstaschio, have said they picked MySpace for their project for its high number of users. MySpace had 64.4 million unique visitors in February, according to comScore Networks, which tracks site traffic. The hackers have informed MySpace of the project, they said.
The "month of bugs" theme has been criticised as gimmicky and, sometimes, just not that exciting. Others have done the "Month of kernel bugs" and "Month of PHP bugs" projects. The month of Apple bugs, which ran throughout January, turned up flaws but nothing too alarming.
But MySpace might prove more fertile. It has frequently been targeted by hackers since a single compromised account can open a door to potentially hundreds of thousands of other users, which can be targeted with spam or infected with malicious code.
In December, a worm rapidly spread across user profiles using a cross-site scripting weakness and a feature within Apple's QuickTime multimedia player.
Users who visited another MySpace profile could be infected by viewing an embedded QuickTime file, which could then begin an attack to capture the user's log-in details.
If the MySpace vulnerabilities aren't that thrilling, the hackers said it could aid the end of month-long bug-finding sprees.
"If it kills this Month of Whatever fad, then hurray for everyone, it's over," they wrote on their website.