Shulou(Shulou.com)06/03 Report--

This article mainly introduces what the hellosamy Sina attack is, the article is very detailed, has a certain reference value, interested friends must read it!

Hellosamy exploits a XSS vulnerability in Sina Weibo to brush screen viral links.

Introduction to hellosamy

Sina Weibo was spoiled by a mysterious person named hellosamy on the evening of June 28, 2011 and began to erupt at 8 o'clock. It is understood that after poisoning, users will automatically release a large number of linked contents such as "the place to break through the Great cause of Party Building" and "3D Meat futon High definition Putonghua seed" in a short time, and at the same time send private messages with viral links to fans. Poisoned users report that once fans click on these links, they will be infected with Weibo virus and automatically post viral Weibo and private messages with logged in Weibo accounts.

Then the poisoned user "Android Forum" posted on Weibo that the virus was initiated by a user with the account "hellosamy", who forced the poisoned account to follow himself while spreading the virus in large quantities, resulting in more than 30, 000 followers in a short period of time.

The clues to the incident are as follows:

At 20:14, a large number of certified users with V were hit by the forwarding worm.

20:30, the virus page cannot be accessed

20:32, hellosamy users on Sina Weibo cannot access

At 21:02, the loophole of Sina was repaired.

Hellosamy attack method

1. Take advantage of the XSS vulnerability of Sina Weibo.

2. Use the short domain name service provided by Sina (these websites are now "harmless")

3. When Sina login users accidentally visit the relevant web page, because they are logged in, they will run this js script to do several things:

a. Post on Weibo (let more people see these messages, and naturally more people will suffer)

b. Add followers, add 2201270010 users with id of 2201270010-- this should be the hellosamy mentioned by everyone.

c. Send private messages, send private messages to friends to spread these links.

The above is all the contents of the article "what is the hellosamy Sina attack?" Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.