
Security Forums


Tabnapping phishing attack

Ignatius
Posted: Tue May 25, 2010 9:30 pm    Post subject: Tabnapping phishing attack

I just came across this example of a new attack: http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/

I don't know if anyone will find it interesting.
Apoll0
Posted: Fri May 28, 2010 4:23 am

I saw this earlier this week. Crazy stuff. The good news is unless it is a targeted attack that knows the sites you access, it relies on chance. The attacker will open a tab in your browser with a fake site login, and hope that you go to that tab, see a familiar login, and enter your credentials. Still something to be wary of, of course...
capi
Posted: Fri May 28, 2010 4:34 am

Apoll0 wrote:
The good news is unless it is a targeted attack that knows the sites you access, it relies on chance. The attacker will open a tab in your browser with a fake site login, and hope that you go to that tab, see a familiar login, and enter your credentials.

The problem is there are ways the attacker can find out whether or not you are logged in on any of a given number of sites:
Raskin wrote:
Using my CSS history miner you can detect which site a visitor uses and then attack that site (although this is no longer possible in Firefox betas). For example, you can detect if a visitor is a Facebook user, Citibank user, Twitter user, etc., and then switch the page to the appropriate login screen and favicon on demand.

Even more deviously, there are various methods to know whether a user is currently logged into a service. These methods range from timing attacks on image loads, to seeing where errors occur when you load an HTML webpage in a script tag*. Once you know what services a user is currently logged in to, the attack becomes even more effective.
Apoll0
Posted: Fri May 28, 2010 6:18 am

Oh wow, true. I guess combining this with MITM or MITB efforts could also result in more success... just depends on the sophistication of the attacker. I think though that a majority will just go for the easy ones (Facebook, email accts, major creditors, etc)... actually any active monitoring and real-time exploit could be bad... eesh...
All times are GMT + 2 Hours