Popular social news website Reddit has suffered a malicious attack that causes innocent users to generate spam comments. Apparently, the hacker exploited a bug in how Reddit handles Markdown syntax (a language that lets you add special punctuation and links in comments). The hacker has good knowledge of this bug and used it to embed malicious JavaScript that is activated by “hovering” over the link (moving your mouse over it).
The hacker’s account, which has already been deleted, belonged to the user ID xssfinder. An excerpt of the thread where the initial code is believed to have been found is attached below (comments containing the scripts were deleted):
Activating the JavaScript causes you to reply to every comment on the page with a copy of this same viral comment. This, of course, is not within your control.
The undecoded code looks like this: [x] [b]. Decoding the URL encoded script would give you this:
Any harmful effects on my PC?
According to forums, your PC is NOT at risk. The attack is believed to be a “sick joke” (or a warning) orchestrated by the hacker. The virus’s effects are limited to producing self-perpetuating comments, using your system resources while your browser is open. That’s all.
How to protect your PC?
A. Disable JavaScript in your browser
For Firefox users:
1. You can install NoScript, an add-on that lets you customize the execution of scripts on your PC
2. You can also disable JavaScript in your browser. Go to TOOLS > OPTIONS > CONTENT
On the CONTENT tab, uncheck “Enable JavaScript” to stop JavaScript from running.
For Internet Explorer users:
1. Disable JavaScript in your browser. Go to TOOLS > OPTIONS > SECURITY > INTERNET
Click Custom Level, then scroll down to Active scripting. Click Enable (or Prompt).
Click OK.
B. You can also avoid hovering over suspicious-looking links.
C. Delete all your comments (with the virus) on your overview page.
There are comments on forums claiming that even Google Chrome can be affected. Only Opera and probably Lynx browsers are currently secure from the attack.
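The steps above are all on the reader's side; on the site's side, the defence is to render Markdown links so that user text can never add attributes to the generated tag. The sketch below is an added example, not Reddit's code and not taken from the original post. It assumes the flaw class is unescaped link text or URLs reaching the HTML (the page does not give the exact bug), and every function name in it is hypothetical.

```javascript
// Added example (not Reddit's code). All names here are hypothetical.
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]);
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;",
                       '"': "&quot;", "'": "&#39;" };

// Escape characters that can close an attribute value or open a tag.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Return a normalized absolute URL with an allowed scheme, or null.
function safeUrl(raw) {
  const url = String(raw).trim();
  // Whitespace or control characters inside a link target are rejected outright.
  if (/[\s\u0000-\u001f\u007f]/.test(url)) return null;
  try {
    const parsed = new URL(url);   // throws on relative or malformed URLs
    return ALLOWED_SCHEMES.has(parsed.protocol) ? parsed.href : null;
  } catch (e) {
    return null;
  }
}

// Unsafe pattern, shown for contrast: user text is pasted straight into markup.
function renderLinkNaive(text, url) {
  return `<a href="${url}">${text}</a>`;
}

// Hardened: validate the scheme, then escape both the attribute and the label.
function renderLink(text, url) {
  const href = safeUrl(url);
  if (href === null) return escapeHtml(text);   // drop the link, keep the label
  return `<a href="${escapeHtml(href)}" rel="nofollow noopener">${escapeHtml(text)}</a>`;
}

// Render a comment: escape everything, turning only [text](url) into links.
function renderComment(md) {
  const link = /\[([^\]]*)\]\(([^)]*)\)/g;
  let out = "", last = 0, m;
  while ((m = link.exec(md)) !== null) {
    out += escapeHtml(md.slice(last, m.index)) + renderLink(m[1], m[2]);
    last = link.lastIndex;
  }
  return out + escapeHtml(md.slice(last));
}

// Constructed sample comment: a quote tries to end href and add a hover handler.
const SAMPLE = '[hover](http://example.com/" onmouseover="x)';
console.log(renderLinkNaive("hover", 'http://example.com/" onmouseover="x'));
console.log(renderComment(SAMPLE));
```

The naive renderer lets the quote in the URL close `href` and start a second attribute; the hardened one drops the link and keeps only the escaped label.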
Wrap up
There are concerns that this exploit could give way to more destructive effects in the future. No similar attacks have been reported on other social news websites. But one thing is for sure: Reddit programmers will surely get rid of this malicious code and fortify their system.
Story by pinoytutorial





