PC Virus Attacks ‘LiveJournal,’ Steals E-mail IDs
According to recent news reports, blogging site 'LiveJournal' was attacked by a virus, which spreads rapidly and seizes e-mail addresses of people who logged in and generated entries. These entries were private but the attack made them available to everybody.
A simple glance at a posting on LiveJournal caused the virus to self-propagate on users' computers as the posting already contained the malware. Following the theft of the e-mail addresses, the virus planted malicious software on the users' accounts, which further attacked other visitors of LiveJournal.
Moreover, employees of LiveJournal posted a blog in which they stated - the incident generated a small amount of privacy breach but it was a serious issue. Therefore, they decided to make a post in order to notify everyone about the problem along with the activities performed by the virus. The blog post also indicated to the suggestions an affected user should follow to block the spreading of infection.
The employees further wrote that authentication cookies, passwords and similar sensitive information weren't captured. Besides, the virus even left users' PCs undamaged.
The reports further state that the attack after remaining alive for approximately 2-hrs was successfully aborted on September 22, 2009 at around 8:50 pm of California time.
Moreover, web-security researchers explained that the virus would disseminate via malevolent media files from Adobe Flash, which employed "cross-domain scripts" for making illegal modifications to user accounts.
It managed to spread as users watched an entry that contained the contaminated Flash media, which resulted in the script changing the final account entry and loaded that entry with the malicious software.
Additionally, the employees' posting speculated that the entries, which planted the malevolent media files numbered less than 100, but it warned that the total number of contaminated visitors could be higher.
» SPAMfighter News - 15-10-2009