The social network has found an unusual vulnerability.
The evening of February 14 in “Vkontakte” there was a massive hacker attack. Unknown send users a link, when clicked on the page of the person and in all communities it manages, publishes malicious entry.
A strange entry was posted on hundreds of pages, including the largest community, for example, “PlayStation Russia”. In all cases the record is identical. It refers to the personal appearance of advertising in personal messages.
It is assumed that the attackers managed to exploit the vulnerability in XSS-protection “Vkontakte”. Hackers introduced malicious script into a link, when clicked, automatically publish the recording on the user page and in all the communities that it manages.
Representatives of “Vkontakte” reported that the situation is under control and the problem is solved quickly.