Samy (computer worm): Difference between revisions
GreenC bot (talk | contribs) Rescued 1 archive link. Wayback Medic 2.5 per WP:URLREQ#misc.vice.com |
No edit summary Tags: Reverted references removed Mobile edit Mobile web edit |
||
Line 4: | Line 4: | ||
The worm itself was relatively harmless; it carried a [[Payload (computing)|payload]] that would display the string "but most of all, samy is my hero" on a victim's MySpace profile page as well as send Samy a friend request. When a user viewed that profile page, the payload would then be replicated and planted on their own profile page continuing the distribution of the worm. MySpace has since secured its site against the vulnerability.<ref name="tech" /> |
The worm itself was relatively harmless; it carried a [[Payload (computing)|payload]] that would display the string "but most of all, samy is my hero" on a victim's MySpace profile page as well as send Samy a friend request. When a user viewed that profile page, the payload would then be replicated and planted on their own profile page continuing the distribution of the worm. MySpace has since secured its site against the vulnerability.<ref name="tech" /> |
||
[[Samy Kamkar]], the author of the worm, was raided by the [[United States Secret Service]] and Electronic Crimes Task Force in 2006 for releasing the worm.<ref>{{cite web|url=http://lists.owasp.org/pipermail/owasp-losangeles/2008-December/000037.html |title=[Owasp-losangeles] OWASP LA |website=Lists.owasp.org |access-date=2015-12-25}}</ref> He entered a [[Plea bargain|plea agreement]] on |
[[Samy Kamkar]], the author of the worm, was raided by the [[United States Secret Service]] and Electronic Crimes Task Force in 2006 for releasing the worm.<ref>{{cite web|url=http://lists.owasp.org/pipermail/owasp-losangeles/2008-December/000037.html |title=[Owasp-losangeles] OWASP LA |website=Lists.owasp.org |access-date=2015-12-25}}</ref> He entered a [[Plea bargain|plea agreement]] on |
||
==References== |
==References== |
Revision as of 03:35, 13 June 2025
Samy (also known as JS.Spacehero) is a cross-site scripting worm (XSS worm) that was designed to propagate across the social networking site MySpace by Samy Kamkar. Within just 20 hours[1] of its October 4, 2005 release, over one million users had run the payload[2] making Samy the fastest-spreading virus of all time.[3]

The worm itself was relatively harmless; it carried a payload that would display the string "but most of all, samy is my hero" on a victim's MySpace profile page as well as send Samy a friend request. When a user viewed that profile page, the payload would then be replicated and planted on their own profile page continuing the distribution of the worm. MySpace has since secured its site against the vulnerability.[1]
Samy Kamkar, the author of the worm, was raided by the United States Secret Service and Electronic Crimes Task Force in 2006 for releasing the worm.[4] He entered a plea agreement on
References
- ^ a b "MySpace Worm Explanation". Samy.pl. Retrieved 2015-12-25.
- ^ "Cross-Site Scripting Worm Floods MySpace". Slashdot. 14 October 2005. Retrieved 2015-12-25.
- ^ "CROSS-SITE SCRIPTING WORMS AND VIRUSES : The Impending Threat and the Best Defense" (PDF). Net-security.org. Archived from the original (PDF) on 2011-01-04. Retrieved 2015-12-25.
- ^ "[Owasp-losangeles] OWASP LA". Lists.owasp.org. Retrieved 2015-12-25.