Google's YouTube, Apple's iTunes temporarily hacked

July 4, 2010: 5:34 PM ET

Hackers spent the 4th of July adding  pop-up windows to popular YouTube videos and separately juicing the sales of a Vietnamese developer's books on iTunes.

Hacked YouTube video via theNextWeb.com

The YouTube hack was first spotted by fans of Justin Bieber on YouTube Sunday morning.  They were greeted with messages saying the pop singer had died or offers to venture to hacking sites (below).

Both video site Ebaumsworld and notorious Internet forum 4Chan have been blamed for the attacks, but it seems that others may have joined in once the hack was discovered.  Here's one such message posted on the 4Chan forums, below:

According to Slashdot,

"Several hours ago, someone found an HTML injection vulnerability in YouTube's comment system, and since then sites such as 4chan have had a field day with popular videos. The bug is triggered by placing a <script> tag at the beginning of a post. The tag itself is escaped, but everything following it is cheerfully placed in the page as is. Blacked out pages with giant red text scrolling across them, shock site redirects, and all sorts of other fun things have been spotted. YouTube has currently blocked such comments from being posted and set the comments section to be hidden by default, and appears to be in the process of removing some of these comments, but the underlying bug does not seem to have been fixed yet."

Google (GOOG) temporarily disabled YouTube comments while it diagnosed the issue.

A Google spokesperson said, "Comments were temporarily hidden by default within an hour [of discovering the problem], and we released a complete fix for the issue in about two hours. We're continuing to study the vulnerability to help prevent similar issues in the future,"

It also appears that Apple's (AAPL) iTunes fell victim to some sort of compromise today with most of iTunes top selling Book Apps being from one Vietnamese developer.  There are also some reports of phished iTunes accounts being used to buy the book apps, which would be much more serious, if true.

Apple has yet to comment on (or fix) the App Store.  (iTunes link)

Update: As of 5:45pm ET, Apple removed the Vietnamese developer's account and his books have been removed from the store.

Posted in: , , , ,
Join the Conversation
About This Author
Seth Weintraub
Seth Weintraub

Google went from searching the Web to worming its way into nearly every facet of business and government. Seth Weintraub unveils where the company is going, who it's competing with, who it's about to compete with and how market forces push the company to veer or adhere to its Don't Be Evil motto. For 15 years, Weintraub was a global IT director for a number of companies before becoming a blogger.

Email Seth
Current Issue
  • Give the gift of Fortune
  • Get the Fortune app
  • Subscribe
Powered by WordPress.com VIP.