The Latest in IT Security

First microblog attack in China

30
Jun
2011

Sina microblog is the biggest microblogging platform in China and is very similar to Twitter. It has more than 140 million users, which is almost 10% of the population of China. On June 28 this year, it was attacked by an XSS worm and more than 30,000 users were affected. The worm aggressively sends out messages containing enticing hot topics and a shortened link to the member's follower list. This is not the first time that threats have used shortened links and on this occasion, it was used as a very simple but powerful tool by the attackers to hide the actual malicious URL.

The following is a screenshot of some of the spam messages sent out by the threat:

Once the link is clicked, the user's computer is infected and the threat starts sending private messages with the same shortened link to their followers, and posts these messages on their microblogs. Compromised computers also automatically add a new follower to their follower list called "@hellosamy", who is suspected of being the attacker.

Not long after the worm first appeared, Sina posted a message stating that the vulnerability has been fixed. Sina has since removed the malicious links and locked the attacker's account. It has also reported the attack to the Chinese authorities.

This worm only sends messages to followers of the infected user and does not steal passwords nor other sensitive information. Symantec detects this threat as JS.Weisamy.

Leave a reply


Categories

SATURDAY, JULY 31, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments