The ongoing Digg versus Netscape spat has apparently escalated into a hacking attack against America Onlines Netscape.com social media Web site.
Virus researchers at Finnish security vendor F-Secure discovered the Netscape.com hack during research work around cross-site scripting vulnerabilities on social networking sites and said the attack was obviously the work of Digg fans.
Netscape.com, which was relaunched in June 2006 as a hybrid news site combining editor-driven news and user-submitted stories, has been panned as a blatant rip-off of Digg, the social news site that popularized the concept of swarms of users voting on the value of news articles.
"Fortunately no one has tried to inject malicious code, yet," Masood added.
America Online spokesperson Andrew Weinstein confirmed that a weakness in the Netscape.com user submission process led to the exploit, which affected the site "for a few hours, in the middle of the night."
"The [Netscape.com] site wasnt adequately filtering story submission from users. Some users were able to submit stories with code that had the cross-site scripting exploit," Weinstein said in an interview with eWEEK.
He confirmed that the code was being used to redirect users to rival Digg.
"Weve fixed the filtering process and will continue to review the site to strengthen the quality of the service for all our users," Weinstein added.