By Robert Vamosi
Fresh from criminal probation for his Samy worm exploits, Samy Kamkar is back with new software that can maliciously target your home network’s router. Kamkar’s first worm brought MySpace to its knees in 2005. Now, his new proof-of-concept software puts vulnerable home routers in its crosshairs.
The first Samy worm’s cross-site scripting exploit
In October 2005, Samy Kamkar went looking for friends — specifically, friends on MySpace. Unfortunately, Kamkar chose to do so by writing and releasing a self-propagating cross-site scripting (XSS) exploit dubbed the Samy worm, which became one of the first major worms to hit a Web 2.0 app (read more about it in the Oct. 27, 2005, WS newsletter).
The Samy worm attempted to infect as many MySpace profiles as possible. The payload seemed relatively harmless: it merely tagged your profile with the phrase “but most of all, Samy is my hero” and added Kamkar as a friend. But because the script was stored in each infected profile, anyone who merely viewed one was infected in turn, and the infection grew wildly. At one point, Kamkar had accrued over a million bogus friends and was getting more, at the rate of thousands every few seconds. The MySpace servers choked under the onslaught.
MySpace removed the infection and patched the code vulnerability that allowed Samy to execute.
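The mechanism behind a profile worm of this kind, and the kind of fix that stops it, can be shown with a miniature profile site. The following is an added example, not MySpace’s code and not the Samy worm itself: the profile field, the `infectViewer()` handler in the payload, the view traffic and the simulated site are all constructed for illustration. It renders the same untrusted profile text three ways (unchanged, through a keyword denylist, and HTML-escaped) and counts how far the payload spreads through a sequence of page views.

```javascript
// Added example (not MySpace's code and not the Samy worm): a miniature
// profile site showing how a stored-XSS payload propagates from profile to
// profile through page views, and why escaping output stops it while a
// keyword denylist does not. Names, the payload and the traffic are constructed.

// An event handler on an otherwise harmless tag runs when the profile is
// viewed. A real worm would copy itself into the viewer's own profile through
// the site's update endpoint; here that step is the hypothetical infectViewer().
const WORM_PAYLOAD =
  '<img src="x" onerror="infectViewer()">but most of all, Samy is my hero';

// Escape the characters that delimit tags, attributes and entities in HTML.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// 1. Vulnerable: untrusted profile text is interpolated into markup unchanged.
function renderUnsafe(aboutMe) {
  return `<div class="about">${aboutMe}</div>`;
}

// 2. Still vulnerable: stripping the literal <script> tag does nothing against
//    an inline event handler (or a differently cased tag).
function renderDenylist(aboutMe) {
  return `<div class="about">${String(aboutMe).replace(/<script>/g, "")}</div>`;
}

// 3. Hardened: everything from the user is encoded, so the browser treats it
//    as text. The payload still shows up on the page, but inert.
function renderEscaped(aboutMe) {
  return `<div class="about">${escapeHtml(aboutMe)}</div>`;
}

// Stand-in for "would a browser run script here?": a script tag, or an on*
// attribute inside a tag. Deliberately simple; the real judge is the browser's
// parser, which is why encoding at output time, not pattern matching, is the fix.
function hasActiveContent(html) {
  return /<script\b|<[^>]*\son\w+\s*=/i.test(html);
}

// Simulate the site. `views` is a list of [viewerId, profileId] pairs. When a
// viewer loads an infected profile and the rendered markup is executable, the
// worm writes itself into the viewer's own profile. Returns the number of
// infected profiles when the traffic runs out.
function simulateSpread(render, userCount, views, patientZero = 0) {
  const profiles = Array.from({ length: userCount }, () => "hi, I like cats");
  profiles[patientZero] = WORM_PAYLOAD;
  for (const [viewer, target] of views) {
    if (hasActiveContent(render(profiles[target]))) {
      profiles[viewer] = WORM_PAYLOAD; // what infectViewer() would do
    }
  }
  return profiles.filter((p) => p === WORM_PAYLOAD).length;
}

// Constructed traffic: each of 19 other users views one profile that was
// handled earlier in the sequence, so everyone eventually sees an infected page.
function sampleViews() {
  const views = [];
  for (let u = 1; u < 20; u++) views.push([u, Math.floor(u / 2)]);
  return views;
}

for (const [name, render] of Object.entries({ renderUnsafe, renderDenylist, renderEscaped })) {
  console.log(`${name}: infected profiles after 19 views =`, simulateSpread(render, 20, sampleViews()));
}
```

With the unchanged and denylist renderers every one of the 20 profiles ends up carrying the payload; with the escaped renderer only the original one does. The denylist case is the important one: a filter that looks for known-bad strings is only as good as its list, whereas encoding every character that can open a tag or attribute removes the browser’s ability to interpret the text as markup at all.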
The attack led to Kamkar’s being charged with a felony; he was subsequently sentenced to three years’ probation, ordered to perform 90 days of community service, and required to pay restitution to MySpace. During his probation, Kamkar was allowed to use a computer and the Internet only for work-related purposes.
Kamkar’s not-so-triumphant return
Kamkar’s probation is over and he’s back. On his new site, Kamkar warns people to change the default settings of their routers. (Note: This and other links to Kamkar’s site have been removed because they aren’t trustworthy.) This is sound advice, but coming from Kamkar, the warning is also a bit sinister — especially when his site provides a number of different proof-of-concept programs that can be used to attack routers.