This weekend, the mischievous hackers that hang out on the boards at 4Chan
uncovered and had a field day with a vulnerability in the comments system on YouTube
. The exploit allowed the troublemakers to hijack a page by simply leaving a comment with specific HTML tags. The attack could come in the form of a banner laid over a video, a pop-up alert message or even redirect you to a different site. Though most of the attacks were limited to vulgar or offensive messages (many targeting pop-irritant Justin Bieber
), Google believed there was potential for the vulnerability to be exploited to steal log-in info.
While 4Chan members were busy giggling over rumors that the tween star had died, Google was working to fix the flaw. Within an hour of the vulnerability being discovered, Google had shut off comments to temporarily thwart the attacks and had the issue patched in two hours. The incident goes to show that while popular and trusted sites can never be 100-percent safe, a swift response can dull the damage done by the more despicable elements of the Web. [From: The Next Web
and The BBC