Samy opens new front in worm war


The newly discovered Samy worm is one of the first to exploit a cross-site scripting vulnerability, a technique security experts fear could be used to open a new front in attacks.

Samy is a self-propagating worm that appears to have been written by a member of MySpace.com, a community site dedicated to helping friends stay in touch and share pictures. By exploiting vulnerabilities in the MySpace.com site, the worm added a million users to the author's "friends" list.

Although the worm is no threat to other Web sites, security experts say the new self-propagating cross-site scripting (XSS) worm will likely be copied by other writers of malicious software. Samy opens new front in worm war | CNET News.com

Linked by shanmuga Monday, 17th October 2005 10:03PM