WHID 2007-86: Mac Blogs defaced using XSS
The standard disclaimer that we do not cover each and every defacement applies to this entry as well. So why do we include this defacement incident? First and foremost, it is known to be an XSS attack abusing a WordPress zero-day bug. Secondly, it is a targeted attack aiming to deface only Mac-related web sites. Usually, targeted defacement attacks are carried out against political targets. Did attacking Apple become a political issue? Was Apple transformed into a nation overnight? Well, certainly into a cult.
Additional information:
- Mac sites are being hacked by blackhat XSS hackers [XSSworm, Nov 23 2007]
- Hacker defaces temples to OS X [The Register, Nov 27 2007]
Attack Method:
Incident Outcome: