Account Hijackings Force LiveJournal Changes

Cross site scripting vulnerability allowed attackers to steal LiveJournal’s user cookies. This sounds like the normal scenario that gets no attention from anyone, only this time attackers used this vulnerability to steal tens of thousands of accounts.
This incident forced LiveJournal to replace their logging mechanism.
Just to show large scale phishing isn’t limited to banking and credit cards.

http://blogs.washingtonpost.com/securityfix/2006/01/account_hijacki.html

Share