LiveJournal XSS attack

[Image: Frank, the LiveJournal goat]

A group of crackers named Bantown claims to have hijacked 46% of LiveJournal's active accounts, over 900,000 in total, via a cross-site scripting attack, according to Brian Krebs of The Washington Post. The group stole the cookies of LiveJournal users who clicked on links planted in the group's hundreds of automated journal accounts. LiveJournal altered its URL structure last night so that each user has their own private cookie domain.
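The fix described above works because browsers only send (and expose to script) a cookie whose domain attribute matches the host of the page. The following is an added illustration, not code from the original post or from LiveJournal: it models RFC 6265 domain matching and checks, for a constructed set of hostnames and cookie domains, whether a script running inside one user's journal could read the site's session cookie. The host names (`www.livejournal.com`, `alice.livejournal.com`, `mallory.livejournal.com`) and the cookie name `ljsession` are assumptions chosen for the example, not values taken from the page.

```python
"""Model of cookie-domain isolation between user journals (added example).

A script injected into a journal page can read any cookie whose Domain
attribute domain-matches the host the page is served from.  Moving each
journal onto its own host keeps the session cookie out of reach only if
that cookie stays scoped to the login host rather than the parent domain.
"""


def domain_match(request_host: str, cookie_domain: str) -> bool:
    """RFC 6265 section 5.1.3 domain matching.

    A host domain-matches a cookie domain when the two are identical, or when
    the host ends with '.' followed by the cookie domain.  A leading dot on
    the cookie domain (legacy Netscape syntax) is ignored, as browsers do.
    """
    host = request_host.lower().rstrip(".")
    dom = cookie_domain.lower().strip(".")
    return host == dom or host.endswith("." + dom)


def cookies_readable_from(request_host: str, cookie_jar: dict) -> list:
    """Names of cookies a script running on request_host could read.

    cookie_jar maps cookie name -> Domain attribute the cookie was set with.
    """
    return sorted(name for name, dom in cookie_jar.items()
                  if domain_match(request_host, dom))


def hosts_exposing_session(session_cookie_domain: str, journal_hosts: list) -> list:
    """Check an isolation scheme: which journal hosts can still read the
    session cookie?  An empty list means per-journal isolation holds."""
    return [h for h in journal_hosts if domain_match(h, session_cookie_domain)]


# --- Constructed scenarios (hostnames and cookie names are assumptions) ---

# Before the change: every journal was served from the same host as the
# login session, so a journal page and the session cookie share a domain.
BEFORE_JOURNAL_HOSTS = ["www.livejournal.com"]

# After the change: each journal lives on its own host.
AFTER_JOURNAL_HOSTS = ["alice.livejournal.com", "mallory.livejournal.com"]

# Session cookie scoped to the login host only (the isolating configuration).
SESSION_ON_LOGIN_HOST = "www.livejournal.com"

# Session cookie scoped to the parent domain; this silently undoes the
# isolation because every subdomain domain-matches it.
SESSION_ON_PARENT_DOMAIN = ".livejournal.com"


def scenario_before() -> list:
    """Journals and session on one host: any journal script reads ljsession."""
    return hosts_exposing_session(SESSION_ON_LOGIN_HOST, BEFORE_JOURNAL_HOSTS)


def scenario_after() -> list:
    """Per-user hosts, session kept on the login host: no journal can read it."""
    return hosts_exposing_session(SESSION_ON_LOGIN_HOST, AFTER_JOURNAL_HOSTS)


def scenario_after_misconfigured() -> list:
    """Per-user hosts, but session cookie set on the parent domain."""
    return hosts_exposing_session(SESSION_ON_PARENT_DOMAIN, AFTER_JOURNAL_HOSTS)


if __name__ == "__main__":
    jar = {"ljsession": SESSION_ON_LOGIN_HOST, "theme": ".livejournal.com"}
    print("before  :", scenario_before())
    print("after   :", scenario_after())
    print("misconf :", scenario_after_misconfigured())
    print("readable from alice.livejournal.com:",
          cookies_readable_from("alice.livejournal.com", jar))
```

The third scenario is the check worth keeping: moving journals to per-user hosts is only an isolation boundary while the session cookie's Domain attribute names the login host itself. A cookie set for the parent domain is sent to, and readable from, every subdomain, so the subdomain split alone would not have stopped the cookie theft the post describes.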

The Bantown group continues looking for sites to BBQ, or swap user profiles for something a bit more sexual, often involving farm animals. Some of the exploit code has been released as open source, allowing others to build upon the holes found at LiveJournal.

LiveJournal users were alerted to the problem when McAfee Internet Security Suite installed on their machines threw up warning messages about a possible exploit.

