tab nabbing discovered a new technique to implement phishing attacks and deploy malicious scripts in pages

Inserito da 26 Maggio, 2010

Si tratta di :ICT and Computer Security


original post in italian here

discovered a new technique to implement phishing attacks and deploy malicious scripts in pages.

Aza Raskin Firefox Creative leads the team announced that it is possible to tabnabbing.

in two words how work ? what is it?

The attack is elegant and simple: a user has multiple tabs open in your browser and visit a site with a specially crafted javascript code and moves from one tab to another, can be arbitrarily redirrezionato from page to page.

The intelligence of the code is to be able to access the history and customize the phishing attack, so if the PC used to access your account online bank  you can get a clone, attention always look good lock and control who has issued the SSL certificate as well as watch the address bar of your browser.

This technique was refined by the expert also commented that Aviv Raff has provided special fancy for curiosoni carry the link:

http://avivraff.com/research/phish/article.php?854817837

if you want to download the code, and study the exploits

http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/




Categories : ICT and Computer Security Tags : , , , , , , , , , , , , , , , , , , , , , , , , , , ,



divisore

Commenti Via Facebook

Commenti lasciati dagli ospiti, senza usare Facebook

Commenti

Non ci sono commenti.


Inserisci un Commento

(richiesto)

(richiesta)



divisore