Home / malware Worm:JS/Webo.A
First posted on 23 August 2011.
Source: SecurityHomeAliases :
There are no other names known for Worm:JS/Webo.A.
Explanation :
Worm:JS/Webo.A is a JavaScript worm that exploits a cross-site scripting (XSS) vulnerability present in the social networking site "weibo.com".
Top
Worm:JS/Webo.A is a JavaScript worm that exploits a cross-site scripting (XSS) vulnerability present in the social networking site "weibo.com".
Installation
The worm may be present on affected "weibo.com" user profile pages as a hyperlink.
Spreads via...
Cross-site scripting
The worm uses an XSS vulnerability present in the social networking site "weibo.com". When a curious user clicks the malicious hyperlink, the worm can spread by duplicating the malicious link onto the user's profile page. The worm posts links with related text such as "the personal income tax cutoff point at 4000 yuan", "Gua meimei Red Cross event" and so on.
Analysis by Jingli Li
Last update 23 August 2011