Account Hijackings Force LiveJournal Changes


LiveJournal, an online community that boasts nearly 2 million active members, on Thursday announced sitewide changes for users logging into their accounts -- changes prompted by a hacker group's successful hijacking of potentially hundreds of thousands of user accounts.

In an alert posted to its user forum, LiveJournal said it was instituting new login procedures for users because "recent changes to a popular browser have enabled malicious users to potentially gain control of your account."

An established hacker group known as "Bantown" (I would not recommend visiting their site at work) claimed responsibility for the break-in, which it said was made possible due to a series of Javascript security flaws in the LiveJournal site. Security Fix - Brian Krebs on Computer and Internet Security - (washingtonpost.com)

Linked by shanmuga Saturday, 21st January 2006 6:28AM