The Latest in IT Security

XSS Attack on Sina MicroBlog

29
Jun
2011

If you have not heard of Sina Weibo in China, you are behind the times. Sina Weibo is the most popular microblog service in China, with more than 100 million registered customers. Just yesterday (28 June), Sina Weibo was attacked through an XSS exploit: more than 30,000 high profile customers were affected and sent out messages containing a malicious link.  Sina provided a quick response, within two hours, to stop this campaign. Websense customers are protected from this attack by ACE, our Advanced Classification Engine.

 


Here is a snapshot of a message with a malicious link posted by a high-profile customer. The content of the message is related to some hot topic or film star in China to lure the followers to click on the link.

 

 


 

Followers who click the malicious link are redirected to a page hosted on "weibo.com/pub/star", which contains an XSS exploit to allow the execution of malicious JavaScript from www.2kt.cn.

 

The malicious JavaScript code could post messages on the follower's microblog account, add a follow to a suspicious account, and send a personal message to his followers. Until now, the campaign has just spread itself with no other malicious intention. Interestingly, the suspicious account which affected customers was named "hellosamy", showing some respect to the world's first XSS worm "Samy", which spread on MySpace in 2005.

 


Although no malicious software was installed in this campaign, Websense reminds customers to do a simple check before you click on any suspicious URL, even it comes from your best friends.

 

 

Leave a reply


Categories

FRIDAY, NOVEMBER 27, 2020
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments