-
-
[旧帖] [原创]警惕:新浪微博蠕虫开始爆发 0.00雪花
-
发表于: 2011-7-5 16:38
-
今天下午,超级巡警团队监测到新浪微博出现蠕虫,该蠕虫主要利用了新浪微博中的XSS跨站漏洞对用户发起攻击,当用户被成功攻击后,蠕虫会发送大量的相同内容,目前已经有数万用户中招。
据网友反馈:北京时间 2011.06.28 20:14 @天才小熊猫 (《右下角的战争》gif动画作者) @辅旋律 (《计算机世界》副主编黄智军 这2个带V的微博开始发出蠕虫。
蠕虫现象1
蠕虫现象2
超级巡警团队分析,该蠕虫脚本来自一个网站,具体内容如下:
蠕虫JS
超级巡警团队已经联系新浪官方,发出预警,请新浪用户停止点击带有蠕虫体链接的文字新闻和相关链接。
蠕虫1
87fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4y4#2j5$3!0H3i4K6u0W2j5$3!0E0i4K6u0r3N6i4m8D9L8$3q4V1k6X3W2D9k6i4y4Q4x3V1k6A6L8h3q4Y4k6i4y4Q4x3V1k6Q4x3U0g2q4z5q4)9J5y4f1p5H3i4K6t1#2z5e0g2Q4x3U0g2q4z5q4)9J5y4e0V1&6i4K6t1#2b7f1u0Q4x3U0g2q4y4#2)9J5y4e0S2q4i4K6t1#2b7U0m8Q4x3U0g2q4z5q4)9J5y4f1t1I4i4K6t1#2b7e0p5I4y4K6u0Q4x3X3g2B7M7r3M7`.
蠕虫2
372K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4y4#2j5$3!0H3i4K6u0W2j5$3!0E0i4K6u0r3N6i4m8D9L8$3q4V1k6X3W2D9k6i4y4Q4x3V1k6A6L8h3q4Y4k6i4y4Q4x3V1k6Q4x3U0g2q4z5q4)9J5y4f1p5H3i4K6t1#2z5e0g2Q4x3U0g2q4z5q4)9J5y4e0V1&6i4K6t1#2b7f1u0Q4x3U0g2q4y4#2)9J5y4e0S2q4i4K6t1#2b7U0m8Q4x3U0g2q4z5q4)9J5y4f1t1I4i4K6t1#2b7e0p5J5x3U0y4Q4x3X3g2B7M7r3M7`.
蠕虫js
144K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4y4#2j5$3!0H3i4K6u0W2j5$3!0E0i4K6u0r3N6i4m8D9L8$3q4V1k6X3W2D9k6i4y4Q4x3V1k6A6L8h3q4Y4k6i4y4Q4x3V1k6Q4x3U0g2q4z5q4)9J5y4f1p5H3i4K6t1#2z5e0g2Q4x3U0g2q4z5q4)9J5y4e0V1&6i4K6t1#2b7f1u0v1f1K6b7I4i4K6u0W2K9Y4m8Y4
据网友反馈:北京时间 2011.06.28 20:14 @天才小熊猫 (《右下角的战争》gif动画作者) @辅旋律 (《计算机世界》副主编黄智军 这2个带V的微博开始发出蠕虫。
蠕虫现象1
蠕虫现象2
超级巡警团队分析,该蠕虫脚本来自一个网站,具体内容如下:
蠕虫JS超级巡警团队已经联系新浪官方,发出预警,请新浪用户停止点击带有蠕虫体链接的文字新闻和相关链接。
蠕虫1
87fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4y4#2j5$3!0H3i4K6u0W2j5$3!0E0i4K6u0r3N6i4m8D9L8$3q4V1k6X3W2D9k6i4y4Q4x3V1k6A6L8h3q4Y4k6i4y4Q4x3V1k6Q4x3U0g2q4z5q4)9J5y4f1p5H3i4K6t1#2z5e0g2Q4x3U0g2q4z5q4)9J5y4e0V1&6i4K6t1#2b7f1u0Q4x3U0g2q4y4#2)9J5y4e0S2q4i4K6t1#2b7U0m8Q4x3U0g2q4z5q4)9J5y4f1t1I4i4K6t1#2b7e0p5I4y4K6u0Q4x3X3g2B7M7r3M7`.
蠕虫2
372K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4y4#2j5$3!0H3i4K6u0W2j5$3!0E0i4K6u0r3N6i4m8D9L8$3q4V1k6X3W2D9k6i4y4Q4x3V1k6A6L8h3q4Y4k6i4y4Q4x3V1k6Q4x3U0g2q4z5q4)9J5y4f1p5H3i4K6t1#2z5e0g2Q4x3U0g2q4z5q4)9J5y4e0V1&6i4K6t1#2b7f1u0Q4x3U0g2q4y4#2)9J5y4e0S2q4i4K6t1#2b7U0m8Q4x3U0g2q4z5q4)9J5y4f1t1I4i4K6t1#2b7e0p5J5x3U0y4Q4x3X3g2B7M7r3M7`.
蠕虫js
144K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4y4#2j5$3!0H3i4K6u0W2j5$3!0E0i4K6u0r3N6i4m8D9L8$3q4V1k6X3W2D9k6i4y4Q4x3V1k6A6L8h3q4Y4k6i4y4Q4x3V1k6Q4x3U0g2q4z5q4)9J5y4f1p5H3i4K6t1#2z5e0g2Q4x3U0g2q4z5q4)9J5y4e0V1&6i4K6t1#2b7f1u0v1f1K6b7I4i4K6u0W2K9Y4m8Y4
|
|
|---|---|
