Posted on 12/09/2004 3:41:29 PM PST by QQQQQ
Many popular browsers are affected by a vulnerability that makes it easy to spoof the content of websites, security firm Secunia warns.
Features built into browsers make it possible for malicious websites to change the content of pop-up windows created by trusted websites such as online banks. Users would have no inkling that potentially hostile content has been injected into a pop-up window. Exploits rely on misusing browser functionality rather than taking advantage of a software bug. Thomas Kristensen, Secunia's chief technology officer, described the problem as perhaps the simplest phishing trick yet.
Secunia has confirmed the vulnerability on fully patched versions of Internet Explorer 6.0 and Windows XP SP1 and SP2 (advisory here), Mozilla 1.7.3, Mozilla Firefox 1.0, Netscape 7.2, Apple's Safari 1.2.4, Opera 7.54, and KDE's Konqueror 3.2.2-6. Other versions of these browsers might also be affected. Secunia has issued five advisories (summary here) and an on-line test (online test here).
Secunia describes the vulnerabilities as "moderately critical". It advises users not to browse untrusted sites while browsing trusted sites.
It's by Security firm Secunia, they have a good explanation of how this happens.
The link to Secunia is: Secunia explanation and online test. Clicking on this link will NOT start the test, you can just read more about the vulnerability, then decide, if you want to test your browser.
It seems the main way to avoid it is to clean your cache, cookies, etc., close your browser, THEN go to the secure site, but NOT have any other browser windows open, then after you took care of your business, close the browser, then open it again and do your browsing.
Without reading further, it sounds like all you have to do is not link to your banking site through your hair growth page and then not notice that you're accessing it through a popup.
Like the girl with the nosebleed said, it's always something....
Test it with FireFox, though, and oops!
I went to the Secunia site....and got a harmful pop up!
I don't get it.
BTTT
Get it? Lock down your hosts file by putting hostile websites into the Internet Explorer Restricted Zone and then using Spybot S&D to make it read only so hackers can't hijack it. You should be parasite-free afterwards for good.
It got me with Firefox 1.0 and Mozilla 1.7.3 and IE6.0
However, I have the extension to open Firefox from pages viewed with IE, so I right clicked on the link, (the one for users of popup stoppers) to open with Firefox, and THAT way Secunia's spoof didn't work.
I also have the extension to open IE from Firefox, so the spoof didn't work that way either.
My Konqueror 3.2.2 works properly as well.
My copy of Opera 7.53 Final (a very old version) is vulnerable.
Methinks Secunia screwed the pooch on this one.
That script is to open a new window. Note the title/subject of the window, and also note there are instructions for resizing that window.
To all: right clicking and opening those links in new windows (using the same browser) doesn't allow this particular spoof.
OK. Can someone explain this to me? I'm over 40. Thanks.
I drive a Studebaker.
I tried it with Firefox 1.0 and the latest IE. Neither of them were hijacked. I must have something running that prevents it-- Spybot? Spyware Guard? Spyware Blaster?
It's a little tricky and it would require technical speak to explain to a layman. But essentially the way pop-ups work in most browsers allows for some bad websites to pop-up windows if you click a link in a friendly website. But you have to have them both open.
It's not the end of the world. Just make sure you're not working with multiple windows open when doing secure stuff.
Which is not a Citibank site at all:
"Domain Name: CITIBANK.COM
Registrar: TUCOWS INC."
I don't get it. If you go to the wrong site and do what they say that's got nothing to do with any vulnerability in your browser- it's the nut behind the wheel you have to worry about.
I'm not sure. Make sure you do one left click, and note whether you're running a popup blocker. Do you mean the latest IE is that SP2 for XP users? It has a popup blocker, doesn't it? (I don't run XP).
I'm running Spyware Blaster, for what it's worth, but I don't think it's made to counter these kinds of things. Not just yet, anyway. When things like this are made public it hopefully will be entered in later program updates.
Bump for later reading
I'm confused. How are you viewing it? I used page info with Firefox and didn't see that.