April 18, 2004

  • BLOGWORM


    We got a number of emails about a blogworm on Xanga on Friday:



    I checked out my friend’s Xanga site and her posts had been flooded with incorrect posts. After visiting her page and returning to mine, I got an email saying I was joined to the “Gay and Proud” blogring, so I removed myself, then all of a sudden I go back to my Xanga and I have a post that I DID NOT write and it’s exactly like on my friend’s page. And it won’t let me delete it or get into it. It directs itself right back to the Xanga premium page. PLEASE HELP!


    If this happened to you: we quickly disabled the worm, and removed the blogring from our database.  We chose not to delete any auto-posts, since some users had comments on them.  If you want to make sure that the inert worm is removed from your site, please visit this link and follow the instructions there.


    After we disabled the worm, we launched a full investigation and discovered the identity of the attacker.  I was shocked, as I thought they were a Friend of Xanga.  When confronted with the evidence, they quickly confessed. Fortunately for this person, the nature of the worm meant that no passwords were compromised – just an auto-post/blogrings, and the redirect.  Given the young age of the hacker and the appearance of genuine remorse, we have chosen not to prosecute the individual responsible.


    We are the only weblog/community vendor that allows users so much flexibility with JavaScript Codes.  We are moving towards a model where cool Codes will be easy to find and install – and the system will be entirely safe and secure.  We are hoping that in the interim, we don’t have to turn off all JavaScript support. 


    Our deepest apologies to everyone who was impacted by this blogworm.  The attack came on the heels of some hardware issues yesterday morning, which forced us to do some emergency maintenance Friday night.  We don’t believe they are related, but are investigating both incidents further.  Our apologies… and thanks to everyone who contacted us about this on Friday, for helping to keep our community safe.

Comments (68)

  • first to prop. WOOHOO.

  • Thanks a bunch. Having been automatically enrolled in the Gay and Proud blogring too, I salute you all for trying to make Xanga a better place.

  • yes! 3rd post…

    and i also got the gay and proud blogring- i thought my friends had done it (i made a post about that on my xanga)

  • Well, at first it made for interesting reading on the online SIR list…till I realized that more than half of my sites to read were suddenly having issues.

    Glad you got it stopped.

  • whoo fourth post…that sux you guys got some kinda worm thing.i didnt….or atleast i dont think i did *goes and checks now* byes

    <3Karla

    visit my site n leave comments too plz<3<3

  • okay now its 5th post instead of fourth my bad

  • You are so very responsible about our sites and I respect the hard work you do.  We who are Xanga addicts appreciate the up and running safe Xanga

  • yeah, glad you guys got it down. I hope some freaks out there don’t try to ruin our privilege of having javascript on our sites. There are too many people who do have friendly code on their site and it’d be a shame if you guys had to strip that feature altogether. It’s probably the main reason why I spend more time on my xanga than I do on my other journals. I like the flexibility of being able to custom design my page.

  • thank god. i was wondering why i was subscribed to the gay and proud blogring?? and other people that i was subscribed to were too. but thanks a lot.

    <333 Jordan

  • ok…this really sucks

    my css on my xanga doesnt work…what do i do?

    im not giving eprops…

  • close call. good thing i wasn’t affected.

  • my site says that i have 3 comments and 6 eprops.  but when you click on the link, i really have 7 comments and 14 eprops.  what’s wrong with it?

  • If Google is telling the truth, you guys have the dubious honor of being the only weblog service that has blogworms. Another Xanga first!

  • hey, thanks for fixing it!!  i was getting plagued by emails and phone calls asking if i was really gay!! 

  • nevermind about the comment thing, it fixed itself when another comment came in.

  • im so glad that u found that blogworm…i was so angry and i thought some1 had hacked me when that blogring showed up….

  • I think that the Xanga team was pretty quick on the draw on this one. Thank you!

    Although I wasn’t personally afflicted, it was interesting to see half of the bloggers I know all coming out of the closet at once.

  • hmm i wasnt a victim of this but ill make sure it wont happen

  • People act like things like that are a big deal. Get over it and create a new xanga.

  • I haven’t read through all the comments *cause there’s like a bazillion* But is there any way to find out who did it? I don’t wanna say anything bad to them, but I really don’t think I would like to sub/support/comment to someone who does things like this… ya know? So, if we had a name, we could make sure to avoid the user in the future.

  • I am totally impressed with the swiftness of this.. you guys were really on top of it in no time at all!

    Thanks for ALL that you guys/gals do for us….

    Tina

  • that is quite sad you dont know how too fix ur problem i mean cmon ur one of the creator of xanga

  • thanks for the quick response.

  • In response to your last post, and also in response to the one where you urged us to comment because you read every single one – thank you very much for what you said about refusing to inflict pop-ups upon us. You’re right, all humans hate them, and I am very grateful to read that you put us, the people who make up the Xanga community, before extra profit.

    *HUGS*

  • Perhaps you can hire this youthful script jockey and put him on the Xgods team asking him to work security against evil Javahackers? That is what the private industry & the US government does. Put that knowledge and energy to work for you!!! Use the best against the best.

    If you don’t hire him you really should have made him an example….

    Thats just the pirate way!

    Sail on… sail on!!!

  • I like the way you handled this.

  • cant u make xangas protection higher? instead of letting either popups or viruses/trojans to come up?

  • is there a reason for the 4 subscription emails i got today?

  • john, i have been subscribing to a number of xangans but it does not reflect on my left side module SIRs…can you help?

  • I have to ask…doesn’t it get irritating to be blamed for everything?

    I noticed an earlier comment about someone’s CSS not working.  Gee, let’s think, whose fault could that be?

    You’d best tell him/her the truth.  The real problem with his/her CSS is right between the chair and the keyboard.

  • Ok I can’t not sign in i dunno whats wrong can you help me?!?!?!

  • Wow, that is some pretty crazy stuff.  Especially from a “Friend of xanga”  That really sucks. 

  • Thanks for taking care of everything!  =)

  • um.. did you make up xanga?  I bet you BANK off of it.  =)

  • I’m glad i didn’t experience this…

  • hey there, i’ve been using the xanga free premium trial for like 2 days n things were lookin fine etc but now my comments section is missing the whole “Give eProps” section.. i did add javascript for renaming eprops n comments n it worked fine for a while, only giving problems now.. help? thanks!

  • john your so cool, i love the pic

    ~much love~

  • Hi, I didn’t have any virus problems but I do have a recurring problem on my page that I have tried to fix and just don’t understand what is happening.

    Issue:  When my comments on a blog reach a particular number and it seems to be 23, I can tell that i have new comments after that number as it shows in the feedback log but when I try to view them, nada.  The page will not roll over to view additional comments by either clicking on the next or last links.  Neither of them allow a rollover to the next comments.  I have removed all scripts again from my website stats and nothing helps.  The only thing left in the stat box is for site meter.  I just don’t think it is anything in my scripts, I really would like a solution to the problem if anyone has one.  Thanks much for listening.  My Xanga is a paid premium and as I said, I don’t use any frivolous scripts.  The actual list is,

    No Copy paste script

    Rollover Color for links

    Color code for scrollbars

    Background color for comments

    Smile Script

    Site Meter

    All very simple scripts that you wouldn’t think would bother seeing comments but something is messing with them.

    Thanks for listening and help if possible.  I have comments I would sure love to be able to read.

  • i’ve got a complaint about this one guy’s xanga which i believe violates the first and third bullet points of the member conduct agreement. i don’t know how else to report him but i am deeply offended by him.

    (if he should find out about this, i wish to remain anonymous)

    here is a link to his site

    http://www.xanga.com/c0heed

    i hope you can get this complaint to the right person, unless you are the right person. thanks.

    ~joey

  • i’m aiming to have this guy’s site shut down. and i’m not the only one with complaints no doubt. there are many who have left comments on his site. and one who he has e-mailed.

  • who has e-mailed him i mean. keep up the good work

  • thanks! you guys rock! any trouble with hackers let me know! we want our script back! i hate it when people mess it up!

  • more than anything I am saddened that the attacker would use such an ignorant device in pranking other xangans as “outing” them.  No such attacker would, for a moment, consider pranking someone under the guise of “I’m [insert race, color, religious affiliation of choice] and proud.” 

    What he succeeded in doing more than anything was further promote the stigma that homosexuality is taboo, to be frowned upon, or something that should not be as easily embraced as say… my own Chinese culture. 

    Sexually transmitted diseases however, are funny as hell.

    Glad you guys don’t hold a grudge, but you really ought to penalize him/her on principle of lack of creativity.

  • wow a friend of xanga did this?

    Semper Fi

  • my comment box doesn’t work…when my friends click the link underneath (where is says Comment box not working? Click here.) a page like this turns up. 

    http://www.xanga.com/error.aspx?aspxerrorpath=/item.aspx

    what can i do to fix it?  thanks.

  • Thank you, John!  I was worried for a little bit there.  You were definitely quick taking action and it is appreciated!

  • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    I still cannot write a post on microsoft word and post it for a weblog…is there any reason that it isn’t working, and is there anything I can do to fix it?? 

    Please help me figure it out, thanx.  ~Me

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • is there any way you can have a promotion for xanga premium where everything is half price?  i wanted to get xanga premium for life but i didn’t act quickly enough and now the price doubled.  i would definitely pay for premium for life if it was back down to 50 bucks…

  • ok, i realize this is the 52nd comment, but im having a tid trouble getting in touch with you peoples of xanga. you see, today my xanga decided to spaz, and in its spazing craze, disabled many of my script codes. now, the crazy part is, it displays different codes for different people.

    codes i have that it has disabled for me: a different header for every day code, change the title, rename the links, move links from left to right side of xanga.. i think thats it for the codes.

    it also disabled your ad for me as well.

    i say, it creeps me out. please assist.

    -dorian

  • Thanks!  I freaked out when I saw the script in my look and feel.  I knew I didn’t put it there.

    Xanga is Fabulous!  Keep up the great work!

  • I, too, hope you don’t have to disable all Java scripts, and am looking forward to the new “cool codes” feature. On not prosecuting, you’re soft and sweet and that’s not necessarily a bad thing.

  • So what’d I miss?

  • hmm, i don’t know if you guys have stumbled across this but

    http://xangascipts.tk

    has the codes for all the disabled scripts like blinky boxes, and clock cursors and what not

    i didn’t make the site, and it is posted here without the knowledge or consent of the creator

  • John (and Xanga team)–thank you for taking care of that so quickly.  Much appreciated…you guys shouldn’t have to jump on javascript abusers like that.

    I say that now that I’ve gone clean…hehe.

    Thanks again and take care, –jeff aka godofphotoshop

  • I want 53 comment…well 54 not.

  • that sucks*

    you should disable that code that makes the window pop around the screen…  u cant stop the page from loading or click the x.  I went to this one guy’s page and every time i clicked a link the window would go popping around (it wasn’t even the right click…)  I was annoyed and it kept freezing my puter.  im sure they dont check their xanga with that annoying code :- pfft.

  • In the face of issues like this, and the fact that I detest some scripts (cursor clock and anti-rightclick to name a couple), I often browse Xanga with Javascript completely disabled, as well as all ActiveX controls.  Sure, it kills effects and plugins that some people use, but I will take a little less flash and fun for the sake of not having my stuff compromised.

    Thanks for jumping on that worm so quick.

  • So that explains what happened that Friday.  I’ll admit I was pretty ticked off that evening when I was in the middle of trying to post and all of a sudden the site seemed to just crash on me.  But, I was ticked off because there were some deeply personal issues I wanted to create a memorial for so that it would be there Saturday morning, and was unable to.  My problem, not yours.  I’m glad you guys were able to get on this issue so quick and keep it from spreading too far and wide.  Kudos too on the decision to not prosecute based on the circumstances; that shows that you guys look at things on an individual basis and not blanket policies that too often catch the mischievous prankers and allow the true dangers to go unnoticed.  Now I remember why I love it here.

  • thank you for your email and congrats on taking down the attack so quickly (thumbs up!)

  • ask this kid called cokesux88 he will help u on the blogring.thingy.

    ~christine

  • oh my gosh the same thing happened to me!!!

  • Why do you even HAVE a ‘Gay and Proud’ Blogring? I thought you people controlled and regulated the blogrings! And anyways, I just recently checked the blogring search. There IS still a blogring called ‘Gay and Proud!’

    Heh. I didn’t get infected, but my friend has numerous amounts of times.

  • I LOVE YOU!!! thank you so so so so so so much!!

  • I just think it’s funny that people were subscribed to the “Gay and Proud” blog and then they freaked out … because not that there’s anything wrong with it.

  • not sure if this is the same worm, don’t think it is, this particular worm only changed the header of my site and a few color settings under look and feel. someone claiming to be the creator of this worm decided to message me for whatever reason and made a post on my site.

    aim logs:

    IrLeetPenguin.log

    b9y.log

    a link to his sites:

    http://www.nyfreaks.net

    http://dkcommunity.com/

    sorry for posting it here, but there isn’t any obvious contact info for this on xanga (perhaps there should be?). anyway, goodluck.
