You Are Here: Home » Articles » How-To » News » Security » Social Media » Troubleshoot » Web

Alert : Reddit under attack

By Debjit on September 29th, 2009 
Advertisement

reddit-logoAs you must be knowing, some of the most popular websites and web services are having hiccups now a days. This time it was reddit.com. Its facing a XSS (cross site scripting) attack. Reddit confirmed in their blog that the attack was due to anomalies in their own code. Basically whats happening is all your previous comments at Reddit is getting replaced by an anomalous message, even if all that you might have done is just hovered over a comment.

Take a look the screenshot of the "evil demon" below :

pic source : reddit.com

pic source : reddit.com

This is a piece of javascript. When you hover your mouse over the text, it executes. It starts by clicking every reply button. Then it grabs the text area and puts the attack code in every comment box. And finally it clicks on every save button. However, if you're on your user page (http://reddit.com/user/USERNAME) and there are no reply links, you're safe to mouse over whatever you want.

Seems like the attacker has somehow managed to embed javascripts into Reddit comments. This however is very strange considering the kind of security measures which are followed these days, but maybe there was a loophole in Reddit's commenting system. Interestingly Opera 10 ( and reportedly IE8 ) seems to be immune to this attack, and rest all the browsers are facing the heat.

Reddit.com which went down an hour ago, is now up and running again. Its best to avoid Reddit.com until everything is restored back to normal, however if you insist, you may visit the site but do so only after turning off javascripts.

Some tips to prevent

* Install and use script managers (even stuffs like "No Script" should work). And then, when Firefox asks you that whether you want to stop a script or not, click yes.

* Your inbox may also be full of reply links after any recent updates done by the javascript worm. Comment pages will also be full of reply links. Please click your username, then find and delete the infected comments. As you need to turn scripts on again to delete these comments, you have to be very careful, so that you dont hover your mouse over any of your comments again.

* Some more Tips

Advertisement







Alert : Reddit under attack was originally published on Digitizor.com on September 28, 2009 - 10:13 am (Indian Standard Time)