Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Security Response

Worm That Exploits your Friendship

Created: 26 Aug 2009 00:16:31 GMT • Updated: 23 Jan 2014 18:33:07 GMT
Shunichi Imano's picture
+3 3 Votes
Login to vote

Symantec Security Response has found a new threat that spreads through Renren.com, which is a very popular Social Networking Site in China ala Facebook. The threat comes in a form of a Flash video, which pretends to be a famous Pink Floyd promotional video clip "Wish you were here."

Viewing the Flash video results in concealed JavaScript being executed while the video is playing.

imagebrowser image

The video is hosted on a legitimate site. The threat exploits an authentication cookie of a currently logged-in user in order to send out the same link (for the Flash file) to users on the Friends list.

imagebrowser image

We detect this malicious XSS threat as Js.Frienren.