Reason behind MySpace new captchas – and why the Coolchaser ribbon has disappeared
Posted May 1, 2007on:
As users of CoolChaser, our new profile and blog layout editor, have known, MySpace started adding captchas to profile editing, effectively preventing our auto insertion software from working for a few days last week.
I think I may have found a possible reason for MySpace’s recent actions and we want to warn our users about it. It looks like there’s a malicious MySpace malware floating around. It manifests itself as a huge invisible box, effectively floating on top of your profile. When a friend clicks on say a link in your profile, the invisible box (technically a huge invisible image link) is above the link and redirects your unsuspecting friend to a totally different website from the link.
We first came across these profiles “in the wild”, but have recreated it on this profile to study it better. You can see that MySpace has rewritten the invisible DIV’s link from http://www.dsadsaddd.br.gd/ to http://www….br.gd/.
MySpace has been silently, but I think fairly successfully curbing this malware. Not too many www.dsadsaddd.br.gd searches show up, but if you find that your profile has this behavior, that’s what has happened.
So, what has this got to do with the disappearing CoolChaser ribbon? Well, it turns out that the ribbon uses a CSS code “position: absolute” that the malware also uses. This is the code that allows arbitrary placement of a HTML element on a page. It looks like MySpace now requires a captcha every time this code is used. To make our auto insertion software work again, we’ve had to remove the ribbon!