Sunday, May 23, 2010

Click away at your own risk!




It just seems that hackers are getting more creative by the day.

Now we have something else to worry about, CLICKJACKING!
What it is you might ask? Clickjacking, as the term might imply, is akin to someone stealing your clicks, i.e. you think that you are clicking on something important and relevant to you such as an ad or a webpage link, when in fact you are actually clicking on a hidden icon, button, page link, etc. (also known as an iframe) that is positioned right under your mouse button that takes you to somewhere, or makes you send information that you actually would never want to send in the first place. The worst thing is that there are no current browsers, IE, Firefox, Google etc. that can protect users from such an attack! The following video shows you how its done:

http://www.youtube.com/watch?v=3mk0RySeNsU


Unfortunately for us web users, clickjacking has been around for some time now, maybe even as early as late 2008, however, internet based companies and browsers have done little to do anything about it, primarily cos they were unsure what the actual hacking implications were! C'mon! Really?


Several highly popular websites, especially those of the highly addictive social networking variety have shown to be vulnerable in the past. In fact, some of us might find these very familiar! Ever had other's complain that you were randomly posting stupid links on their facebook pages?


Guess what! You were clickjacked!


Facebook and Twitter have both shown vulnerability in the past!


However, the worst part of all this is that you really can't do a lot about it. Hopefully, there should be a solution out there soon as the issue is gaining a lot of interest. But BEWARE! Clickjackers are already evolving!






No comments: