TOKYO (MacHouse) – What are common characteristics among the following celebrities?
Alicia Keys
Backstreet Boys
The Clash
Daughtry
Jennifer Lopez
Kelly Clarkson
Ricky Martin
Hurricane Chris
No. 1, they are all musicians. No. 2, their websites possibly have something to do with Sony BMG’s Myplay (http://myplay.com/). (Screenshot 01 shows the index page of Sony BMG’s Myplay website.) No. 3, most importantly, all their official websites are hacked and exploited. There is actually one crucial characteristic shared among all these exploited websites. And we will get to that in the next report.
 Screenshot 01 – Source: myplay.com |
 Screenshot 02 – Source: MacHouse |
 Screenshot 03 – Source: MacHouse |
A cyber criminal organization has been circulating spam comments around blogs and forums all over the world for the past several hours, suggesting that these musician websites are exploited for affiliate spam. (See Screenshot 02-5.) In fact, we have confirmed that all 8 musician websites are exploited. There might be more.
 Screenshot 04 – Source: MacHouse |
 Screenshot 05 – Source: www.aliciakeys.com |
 Screenshot 06 – Source: www.thebackstreetboys.com |
All 8 musician websites have a blog. And spam comments have been posted. (See Screenshot 05-11.) One exception is Jennifer Lopez’s blog (http://www.jenniferlopez.com/blog/). It appears that spam comments have been removed if there were. Nonetheless, Screenshot 12 implies that there are spam webpages installed right under the subdirectory of ‘blog.’
 Screenshot 07 – Source: www.daughtryofficial.com |
 Screenshot 08 – Source: www.kellyclarksonweb.com |
 Screenshot 09 – Source: www.theclashonline.com |
Let’s take a close look at Alicia Keys’ official website. You don’t have to go very far to find spam comments. You can see many of them right at http://www.aliciakeys.com/blog. There are spam comments about ‘ladbrokes online casino,’ ‘throat pokers,’ ‘dell computers web hosting,’ ‘joker poker pinball,’ ‘uk online casinos,’ ‘free blackjack software’ and more. There are many sponsors behind this spam operation. And there are at least 17 spam comments. They were all posted between 7:40 PM and 07:41 PM (U.S. CST), June 18.
 Screenshot 10 – Source: www.rickymartin.com |
 Screenshot 11 – Source: www.hurricanechrisonline.com |
 Screenshot 12 – Source: www.jenniferlopez.com |
An important question is why the spam posts have not been removed? They have been around for 36 hours or so. And nobody sees them? There are several possibilities we can think of as to why they have not been removed. These spam posts have not been removed
Click on the button to watch a documentation video. 
Click on the button to watch more documentation videos.
