back to article Email-stealing worm slithers across LiveJournal

LiveJournal's security team has disabled some media features on the blogging site after a quick-spreading worm stole user email addresses and caused entries designated as private to be available to everyone. The self-propagating exploit spread to users who were logged in and did nothing more than view a LiveJournal posting …

COMMENTS

This topic is closed for new posts.
  1. Sorry that handle is already taken. Silver badge

    Wow

    Hah, I didn't know people still used livejournal!

  2. Anonymous Coward
    FAIL

    Multi Fail

    Yet another reason why you should set up different email addresses for each website you sign up on. Over the past few days, that's Poundhost, Demon, and now Livejournal that have leaked their users email addresses.

  3. Azure
    Go

    enabled again

    Embeds for all domains but the offending one are re-enabled as of yesterday sometime, after the patch fixing it was pushed live.

    http://community.livejournal.com/lj_releases/49901.html

    I'm betting the 100 accounts number was an early guess; I'd guess 500-3000, based on the number of news post comments and how very easy it was to spread.

    I missed getting hit by it because I didn't think to bring my laptop with me when I went out that night; by the time I was back, it was blocked.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021