Malware attacks created Web development tools like AJAX are on the rise. According to software security vendors, Web 2.0 threats may have arrived after the attack of Yamanner virus on Yahoo! Messenger.
AJAX is a technique, which combines elements of the JavaScript and XML programming languages. It allows web site developers to speed up the interactivity of the sites and help them to amplify the attacks. The Yamanner worm used the AJAX to amplify and hide the delivery of its payload and attempts to exploit helplessly in JavaScript code of Yahoo! Messenger. The JavaScript issue is a common cross-site scripting weakness.
The use of Web 2.0 technology on Yahoo! allows the user to spread worm without user interference. AJAX is used to steal IM contact information and forward the threat to other accounts.
There are many high-profile worms like Yamanner in News Corp.’s MySpace social networking site. It appears more predictable than AJAX worms.
Via: eweek
