-
April 1st, 2008, 04:57 PM
#1
JAVA: new variation on a theme?
It seems that the idea of poisoning websites with Java scripts has taken a slightly new twist.
Attackers have taken advantage of JavaScript before, but usually on individual sites. The search engine trick — which has been focused on Google, though it could work on Yahoo and MSN search engines — is new, Danchev says.
Apparently it works like this:
The vulnerability occurs when someone does a Google search, then clicks on a result that has been secretly tainted by hackers. They will usually be taken to the Web page they expect. But at the same time, they are invisibly redirected to a computer server that installs a hidden program.
Article is here:
http://www.usatoday.com/tech/news/co...s_N.htm?csp=34
The worry here is that the targets seem to be large and reputable sites, that more security aware people would be tempted to allow in Firefox's "NoScript" plugin, or put in the trusted zone of IE?
Still want to turn off UAC.....................assuming that would warn you?????
-
April 1st, 2008, 05:55 PM
#2
That almost sounds like a phishing issue: impostor sites loading malicious scripts.
Phishing taken to a new level?
edit -- Shane Macaulay got around UAC, apparently running his JavaScript on Flash in the Pwn2Own contest (I'm guessing UAC was enabled on that unit since that is the default). I suppose UAC is better than nothing, but I'd think the latest anti-phishing tech in a browser would be a good solution.
Last edited by brokencrow; April 1st, 2008 at 06:21 PM.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
April 1st, 2008, 06:19 PM
#3
Maybe I am misunderstanding this brokencrow?
The way I read it is that reputable sites are being poisoned, so that when a search engine takes you there, you also make a connection to a hidden site that infects you?
You trust the site you want to visit, and are not aware of the "additional features" 
I wonder how the code is getting in there though?
-
April 1st, 2008, 06:24 PM
#4
I see your point, nihil. When one visits any given website, one is
actually visiting a series of sites linked to that primary page. And
one of those linked sites is tainted. Ich verstehe.
How is the code getting in there? Google ads?
Last edited by brokencrow; April 1st, 2008 at 07:58 PM.
-
April 1st, 2008, 08:11 PM
#5
Why is the title of this JAVA:?
-
April 1st, 2008, 09:06 PM
#6
This is why I have JavaScript (and activeX, Java) disabled for all but my own sites.
-
April 1st, 2008, 09:12 PM
#7
Why is the title of this JAVA:?
It isn't......................?????????????

Obviously, if you are having problems with your browser, we would gladly try to help...................
Last edited by nihil; April 1st, 2008 at 10:59 PM.
-
April 1st, 2008, 10:58 PM
#8
Title of thread: JAVA: new variation on a theme?
Content of thread: JavaScript exploit
-
April 1st, 2008, 10:59 PM
#9
So?
-
April 1st, 2008, 11:26 PM
#10
On a related note, Google is now using JavaScript to add smells to webpages.
http://booksearch.blogspot.com/2008/...ls-better.html
Amazing, ain't it?