XSS Attack on Sina MicroBlog
If you have not heard of Sina Weibo in China, you are behind the times. Sina Weibo is the most popular microblog service in China, with more than 100 million registered customers. Just yesterday (28 June), Sina Weibo was attacked through an XSS exploit: more than 30,000 high profile customers were affected and sent out messages containing a malicious link. Sina provided a quick response, within two hours, to stop this campaign. Websense customers are protected from this attack by ACE, our Advanced Classification Engine.
Here is a snapshot of a message with a malicious link posted by a high-profile customer. The content of the message is related to some hot topic or film star in China to lure the followers to click on the link.
Although no malicious software was installed in this campaign, Websense reminds customers to do a simple check before you click on any suspicious URL, even it comes from your best friends.