The Anatomy of a Cross-Site Scripting Campaign
The Imperva Application Defense Center (ADC) discovered a cross-site scripting (XSS) vulnerability in the .com site. The problem was first found on a hacker forum, which then led to the discovery of the XSS attack server. The XSS attack server is still active. By studying the characteristics of the attack, the ADC was able to detect more XSS cookie-stealing campaigns. To date, this campaign has affected more than 3,000 individuals across three unique XSS incidents. While the largest XSS campaign found involved a porn site, other types of applications, such as online gaming and online forums, were compromised in the exact same way.