With over 140 million users, Sina Weibo is the most popular social networking site in China, a country where both Twitter and Facebook are banned. The site's administrators announced that a worm exploiting an XSS weakness hit the platform on Tuesday evening. The worm propagated through messages that lured users with videos, pictures and software. For example, some advertised bloopers from a new film, while others advertised nude pictures of Chinese actress Fan Bingbing. Clicking on the included links forced users to re-post the spam messages from their own accounts, thus helping the worm spread.
The attack was apparently launched from an account called @hellosamy, a name possibly chosen as a tribute to the Samy (Spacehero) worm released on MySpace back in 2005.
The work of security enthusiast Samy Kamkar, Spacehero was the first large-scale worm to spread on a social network by exploiting a cross-site scripting vulnerability and paved the way for many similar attacks that have occurred since then.
There is barely any social network left that hasn't been affected by such a worm. Some of them have had to deal with such problems multiple times and on some occasions the attacks distributed malware or spam.
There doesn't seem to have been any malicious component behind the Weibo worm, though, except for its spreading mechanism.
When such attacks happen, if webmasters are not quick enough there is a high risk that the worms will mutate as other users modify the code and launch their own versions. In this case, the Weibo staff plugged the hole in around one hour, which is a rather long time for such an attack.
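As an added example (not code from the original article or from Weibo), here is a defender-side heuristic for spotting a self-propagating repost cascade of the kind described above. The log lines, account names and link hosts are constructed for illustration; keying on the link host rather than the message text is what lets it keep flagging mutated variants that change the lure but keep the payload URL.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample repost log (not real Weibo data): "timestamp account message".
SAMPLE_LOG = [
    "2011-06-28 20:01:10 alice Check the bloopers from the new film! http://evil.example/x?id=1",
    "2011-06-28 20:01:45 bob Check the bloopers from the new film! http://evil.example/x?id=1",
    "2011-06-28 20:02:05 carol Leaked pictures here http://evil.example/x?id=2",
    "2011-06-28 20:02:30 dave Check the bloopers from the new film! http://evil.example/x?id=1",
    "2011-06-28 20:03:00 erin Leaked pictures here http://evil.example/x?id=2",
    "2011-06-28 21:30:00 frank My holiday photos http://photos.example/album/7",
]

LINE_RE = re.compile(r"^(\S+ \S+) (\S+) (.*)$")
URL_RE = re.compile(r"https?://([^/\s]+)")


def parse_log(lines):
    """Yield (timestamp, account, link_host) for every message that carries a link."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than aborting the sweep
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        for host in URL_RE.findall(m.group(3)):
            yield ts, m.group(2), host.lower()


def find_cascades(lines, min_accounts=3, window=timedelta(minutes=5)):
    """Return {host: peak distinct accounts} for hosts whose links were posted by
    at least `min_accounts` different accounts inside any `window`-long span.

    Grouping by host (not by message text) means a mutated lure that still points
    at the same payload host is counted together with the original.
    """
    per_host = defaultdict(list)
    for ts, account, host in sorted(parse_log(lines)):
        per_host[host].append((ts, account))
    flagged = {}
    for host, posts in per_host.items():  # posts are already time-ordered
        start = 0
        for end in range(len(posts)):
            while posts[end][0] - posts[start][0] > window:
                start += 1  # slide the window forward
            accounts = {acct for _, acct in posts[start:end + 1]}
            if len(accounts) >= min_accounts:
                flagged[host] = max(flagged.get(host, 0), len(accounts))
    return flagged
```

Run against the sample, `find_cascades(SAMPLE_LOG)` flags only `evil.example`, reached by five distinct accounts in under two minutes, while the lone holiday-photo link stays below the threshold.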