Friday, January 20, 2006

Account Hijackings Force LiveJournal Changes

Brian Krebs writes on Security Fix:

LiveJournal, an online community that boasts nearly 2 million active members, on Thursday announced sitewide changes for users logging into their accounts -- changes prompted by a hacker group's successful hijacking of potentially hundreds of thousands of user accounts.

In an alert posted to its user forum, LiveJournal said it was instituting new login procedures for users because "recent changes to a popular browser have enabled malicious users to potentially gain control of your account." Company officials could not be immediately reached for comment. I also put in a query to Six Apart, which owns LiveJournal (and the service we use to produce this blog), but have yet to hear from them either.

An established hacker group known as "Bantown" (I would not recommend visiting their site at work) claimed responsibility for the break-in, which it said was made possible due to a series of Javascript security flaws in the LiveJournal site.

More here.

0 Comments:

Post a Comment

<< Home