R-Byter
asked on
Tabnabbing - how it spreads
Hi fellow experts,
Im trying to solve the puzzle. I was asked to help my friend with his web server compromised with javascript code injected in some asp and php web pages. What I discovered so far is that is Tabnabbing "attack", a relativelly new form of phishing attack. Looks pretty scary. Detailed info here:
http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/
What is the security hole thats causing this and how this spreads, I mean I understand what it does, but how was that code injected in asp or php files in the first place?
Thanks in advance.
Regards
Im trying to solve the puzzle. I was asked to help my friend with his web server compromised with javascript code injected in some asp and php web pages. What I discovered so far is that is Tabnabbing "attack", a relativelly new form of phishing attack. Looks pretty scary. Detailed info here:
http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/
What is the security hole thats causing this and how this spreads, I mean I understand what it does, but how was that code injected in asp or php files in the first place?
Thanks in advance.
Regards
ASKER
Thats what it should do, You're right. But Aza Raskin is currently Creative Lead for Firefox. So he just explained and showed live demo about tabnabbing phishing attack. WHat is left unknown is how that code was injected in asp or php pages at web server (code that executes this kind of phishing attack)?
Regards
Regards
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Excellent effort, You just need to point a source where You get this text:
http://db.tidbits.com/article/11314
Anyway, can conficker worm be responsible for injecting this tbanabbing code into legitimate pages on web server?
Regards
http://db.tidbits.com/article/11314
Anyway, can conficker worm be responsible for injecting this tbanabbing code into legitimate pages on web server?
Regards
Sorry thought I had :-)
ASKER
Will award You the points if no one give any more thoughts in a day.
Regards
Regards
Tabnabber.jpg