Samy opens new front in worm war

The newly discovered Samy worm is one of the first to exploit a cross-site scripting vulnerability, a technique security experts fear could be used to open a new front in attacks.

Samy is a self-propagating worm that appears to have been written by a member of, a community site dedicated to helping friends stay in touch and share pictures. By exploiting vulnerabilities in the site, the worm added a million users to the author's "friends" list.

Although the worm is no threat to other Web sites, security experts say the new self-propagating cross-site scripting (XSS) worm will likely be copied by other writers of malicious software. Samy opens new front in worm war | CNET

Linked by shanmuga Monday, 17th October 2005 10:03PM