web application security lab

MyYearbook.com XSS worm

Unsticky and Luny both brought to my attention a few cross site scripting worm variants that are currently being exploited on MyYearbook.com. The site owner’s account has been hijacked, and a group named Hackers with style (I couldn’t find a website associated with the group) are claiming to have a large number of usernames and passwords. It looks like the site was completely offline for some time - possibly for repairs.

This is one variant of the worm that unsticky wrote up (not sure if this is the original functioning one that has successfully hacked over 1MM accounts or a later broken version that someone modified), which Luny sent me, for those who are curious:

17 Responses to “MyYearbook.com XSS worm”

  1. unsticky Says:

    That’s not exactly my code… bits of it are, but most of it is server-supplied formatting (oh the ’s!). I sent you an email with the clean code, plus the code for each variant I found, and a new project I’m working on.

  2. RSnake Says:

    As a side note, I found a link off of Luny’s site where one of the Hackers With Style guys keeps his web presence. Triphase is located here.

  4. devin gates Says:

    hey someone has hacked my account and i dont know how to get rid of them and it is really driving me nuts. i deleted all of my whatever items hoping that the code would be in there but they are still able to access it. if i just change my email address would that stop them? plz help me i want this guy out of my account

  5. anonymus Says:

    Every time I log into my MyYearbook.com account, and I go to check my messages, it takes me to random people’s accounts. I AM NOT hacking anyone’s accounts, so I have no idea how this is happening. It is basically taking me to a new person’s inbox every time I click the mail button. I have no idea how this is happening! I think the website should be shut down, because people’s personal account information is being released to the public.

  6. Gillian Says:

    i can’t access the site at all! neither firefox nor IE will load the page, it keeps saying connection timed out/page could not be loaded etc etc. does anyone know if it’s just me who can’t access it or is the full site down? if it is just my pc, how do i fix this?

  7. Ryan Says:

    ok this is what i did when they got me the second time.. if you can still log in go to settings (top right of your page) and change your email back. then i logged out.. then i sent off saying i lost my password and the password they were using is (hacked) without the ().. so go log in and use hacked as the password.. back to settings and then click change password and that should be the old password they’re using…… but i deleted my account because almost everyone will be hit..

  10. rabecca Says:

    how do u hack a myyearbook account? help plz

  11. John Doe Says:

    It is illegal to hack an account. You can go to jail for 2 years just for going into another account. Think: is it really worth it?

  12. Kate Says:

    Okk.. whenever i log onto myyearbook, & i check my messages, i can’t read them, it just takes me to the inbox but u can’t see who wrote the messages to you. WTF IS HAPPENING!

  13. corey Says:

    someone hacked my myyearbook account and i need help to get my password back from this person, so help me plz. i worked too hard to mess up, so help me plz!!

  14. rose Says:

    i need help getting back into my myyearbook account. someone got in and changed my email and set it so i can’t receive any email from myyearbook or get into my account at all. i would appreciate help with this matter, thank you!!!!

  15. elizabeth vaughn Says:

    someone has hacked into my account and put a fake picture of me up there and i would like it removed because it is not a picture i would like up there. it has a naked body with my head on it and im only 13 and everyone at my school has seen it and i would like it to be deleted, but they changed all my accounts and i can’t get on to delete it

  16. nameless Says:

    you’re not being hacked. here are some reasons: one, you pissed someone off and they marked you as spam, so yb auto changes your password; two, yb makes changes almost every other day because of imacro use; three, maybe you clicked on their name when trying to open a message, it is a clickable url and it took you to that person’s account. yb has many glitches and is not fully loaded to be made perfect, not all sites are. yb changes your layouts and does certain things to people’s profiles, sometimes often deleting certain pictures, just glitches. if you were hacked your account would remain and stay gone, and you would never get it back, nor would your email or anything be the same. :) have a great day. one of yb’s biggest names but here i stay nameless

  17. nameless Says:

    one more thing, you’re all over paranoid :) yb has some of the biggest ajax scripting usage to run the site, they change their site server every week to every month :P