Friendster XSS spam

Over the past couple of weeks, I have been getting some random messages from friends on Friendster (this is probably the first time in over a year). The first three or four, I didn’t think anything of it, but finally a good friend sent me a message, so I logged on and found this:

[Image: Friendster XSS hack message]

Which is obviously some sort of spam, possibly from an XSS hack. This reminds me of the first effective email worm I ever experienced, where someone I thought highly of (a professor at MIT) sent me a link about photos of Anna Kournikova, and of course I clicked… never again.

Until now. It goes to show how important the sender is in propagating a worm; a really intelligent spammer would take this into account, use the email/social network address book to determine who the likely influenced people are, and message these people first.

4 thoughts on “Friendster XSS spam”

  1. Yeah, I’m sick of the spamming. I thought it was internal, you know, just to get us to go back on Friendster. Usually I’m good at ignoring spammers, but one got me by using a name on my friends list, so naturally I thought it was my friend emailing me. But usually I delete any mail from anyone I don’t know before even opening it.