azurelunatic: The LJ pencil, (pencil)
Azure Jane Lunatic (Azz) 🌺 ([personal profile] azurelunatic) wrote2009-09-23 03:08 am
  • Add Memory
  • Share This Entry
Entry tags:

LJ security breach; stuff has been fixed but some people may still be affected.

Some rogue embed decided to self-replicate itself across LJ by editing people's entries upon them viewing the malicious embed and not having those scripts being blocked.

You may know the beast by finding embeds in your recent entries that you did not put there, and how the entry is unlocked. If you post locked stuff, check your journals -- I'd rather you be safe than sorry.

Quick official announcement, details to come

More detailed unofficial rundown

Edit: news post with full rundown: http://news.livejournal.com/117957.html
Flat | Top-Level Comments Only

[identity profile] shiv5468.livejournal.com 2009-09-23 11:25 am (UTC)(link)
Thanks for the heads up.
azurelunatic: Ryoko's gloved hand dripping with her own blood. (bleeding)

[personal profile] azurelunatic 2009-09-23 01:14 pm (UTC)(link)
You're welcome. This could have been a lot worse.
ext_76: Picture of Britney Spears in leather pants, on top of a large ball (Default)

[identity profile] norabombay.livejournal.com 2009-09-23 12:53 pm (UTC)(link)
I got hit. Apparently I viewed an entry that was unclean. My suspicions lie with ohnotheydidnt
azurelunatic: Vivid pink Alaskan wild rose. (Default)

[personal profile] azurelunatic 2009-09-23 01:13 pm (UTC)(link)
Heh.

Though I did see it at least twice on my friendslist, with people who I would not have thought to engage in risky behaviour. This was one of the ones where unless you browse on ultra-paranoid for everything, literally all it took was loading your friends page if someone affected was on it while it was still spreading. And it was pretty much invisible, unless you were blocking stuff -- it was clear and lurking at the bottom of any entry.

LJ shut it down pretty darn fast.
ext_76: Picture of Britney Spears in leather pants, on top of a large ball (Default)

[identity profile] norabombay.livejournal.com 2009-09-23 01:17 pm (UTC)(link)
Yes. I'm glad it was fast. But I'm also glad that I know about the limited protections of flocking things. Better than noting, but easy enough that posting state secrets is a poor idea.
azurelunatic: Vivid pink Alaskan wild rose. (Default)

[personal profile] azurelunatic 2009-09-23 01:30 pm (UTC)(link)
Indeed.

I'm glad I don't have any state secrets to post.
azurelunatic: Vivid pink Alaskan wild rose. (Default)

[personal profile] azurelunatic 2009-09-23 01:40 pm (UTC)(link)
From what the srs techs have said, it looks like a very clumsy self-replicating email harvester, so I would guess that if ontd was targeted, it would have been for their juicy pool of tempting addresses, not anything more salacious.

[identity profile] cynthia1960.livejournal.com 2009-09-23 05:19 pm (UTC)(link)
I got hit yesterday; the entry itself was pretty innocuous, but fixed the security setting back to friends only and removed the nasty code. Frakkers. Hope these script kiddies fry.

[identity profile] sionainn.livejournal.com 2009-09-23 06:21 pm (UTC)(link)
It got me.... changed my icon, embedded some crap, removed my tags and changed security setting.
Flat | Top-Level Comments Only