Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to  
Flashing-image attack targets epileptics
Published: 2008-03-31

The Epilepsy Foundation closed its forums last week to remove malicious postings and tighten security after vandals posted rapidly flashing images over the Easter holiday that triggered seizures in some members.

The incident, first reported by Wired News, exploited the lax security of the forums to post Javascript code that attempted to install a remote-access Trojan horse and flashed two images repeatedly, causing seizures in some members of the forum. The Epilepsy Foundation shuttered the forums last week and took some measures to prevent future attacks, the non-profit said in a statement.

"This was clearly an act of vandalism with the intent to harm people, and we shut the attack down immediately," Eric R. Hargis, president and CEO of the Epilepsy Foundation, said in the statement. "We’ve established deterrents in the system to prevent similar incidences."

While comment spam can be an annoyance for many Internet visitors, flashing images can trigger seizures and cause pain to people with photosensitive epilepsy. While more than 3 million Americans have epilepsy, only about 3 percent have photosensitive epilepsy, according to the Epilepsy Foundation. The blinking image caused headaches among several of the forum's visitors and caused some viewers to stare blankly at the screen, according to the Wired News report.

The attack used Javascript to redirect people to another site that hosted the graphic, a spokesperson for the Epilepsy Foundation told SecurityFocus. The attack, more vandalism than hacking, resembled iframe attacks that seed legitimate sites with malicious scripts that redirect visitors.

If you have tips or insights on this topic, please contact SecurityFocus.

Posted by: Robert Lemos
    Digg this story   Add to  
Comments Mode:


Privacy Statement
Copyright 2009, SecurityFocus