Samy (also known asJS.Spacehero) is across-site scriptingworm (XSS worm) that was designed to propagate across thesocial networking siteMySpace bySamy Kamkar. Within just 20 hours^[1] of its October 4, 2005 release, over one million users had run the payload^[2] making Samy the fastest-spreadingvirus of all time.^[3]

The worm itself was relatively harmless; it carried apayload that would display the string "but most of all, samy is my hero" on a victim's MySpace profile page as well as send Samy a friend request. When a user viewed that profile page, the payload would then be replicated and planted on their own profile page continuing the distribution of the worm. MySpace has since secured its site against the vulnerability.^[1]

Samy Kamkar, the author of the worm, was raided by theUnited States Secret Service and Electronic Crimes Task Force in 2006 for releasing the worm.^[4] He entered aplea agreement on January 31, 2007, to afelony charge.^[5] The action resulted in Kamkar being sentenced to three years'probation with only one (remotely-monitored) computer and no access to the Internet for life (this provision was later struck off by a judge), 90 days'community service, and $15,000–$100,000,000 in restitution, as well as a 20-year suspended prison sentence, as directly reported by Kamkar himself on "Greatest Moments in Hacking History" byVice Media's video website,Motherboard.^[6]

• Motherboard S01E03 Greatest Moments In Hacking History: Samy Kamkar Takes Down Myspace
• An interview with Samy Kamkar
• Technical explanation of The MySpace Worm
• Darknet Diaries - Samy (Episode 61)

• Computer worms
• Myspace
• JavaScript
• Hacking in the 2000s

• Articles with short description
• Short description is different from Wikidata