The Sina Weibo, launched in late 2009, encounted its first virus attack on June 28, 2011. |
China's 'Twitter' Sina Weibo hit by virus |
新浪微博首次爆發(fā)病毒 |
Sina Weibo, China's Twitter-like microblogging service, was hit by a hacker attack around 8 p.m. on Tuesday, affecting over 30,000 users, the National Business Daily reported Wednesday. Many Weibo users received private messages or comments containing malicious links that when clicked would post another malicious link on their microblog automatically. The deception thus became a vicious cycle infecting more and more users. Users affected by the virus automatically followed a Weibo user named "hellosamy," who is believed to be the maker of the virus. The account had more than 30,000 followers when Sina Weibo finally located and deleted it. The incident is the first attack on Sina Weibo since its launch at the end of 2009. The virus was based on a cross-site scripting XSS vulnerability allowing it to insert malicious html code into Web pages. Sina Weibo has been going all out to promote its open platform strategy recently. Experts believe the attacker may have used loopholes in that platform. By 9:25 p.m., Sina Weibo announced that it had cleared all elements of the virus, adding that users' personal information, including their account passwords, were not compromised.? |
6月28日晚間8時(shí)許,新浪微博突然出現(xiàn)大范圍用戶 “中毒”現(xiàn)象,超過3萬名用戶被感染,每日經(jīng)濟(jì)新聞報(bào)道。 很多微博用戶在其私信或評(píng)論中收到惡意鏈接,他們點(diǎn)擊后系統(tǒng)會(huì)自動(dòng)發(fā)布一條帶有惡意鏈接的微博,這樣一來又造成了進(jìn)一步的擴(kuò)散,形成惡性循環(huán)。 用戶被感染后,還會(huì)被強(qiáng)行關(guān)注ID為hellosamy的用戶,因此此人被認(rèn)為是病毒的始作俑者。被新浪微博清理時(shí),它一度有超過3萬名“粉絲”。 這是新浪微博自2009年底上線以來首次爆發(fā)病毒事件。 此次病毒為XSS型,即惡意攻擊者在Web網(wǎng)頁中插入惡意html代碼。由于新浪微博于近期大力推進(jìn)開放平臺(tái)戰(zhàn)略,因而不少人士懷疑該漏洞與此有關(guān)。 新浪微博昨日晚間發(fā)布微博稱,截至21時(shí)25分,微博上的惡意鏈接數(shù)據(jù)已經(jīng)清除完畢,并稱用戶密碼等個(gè)人信息不會(huì)受到影響。 |
China's business press carried the story above on Wednesday.