Featured Articles

Intel releases tiny 3G cell modem

Intel releases tiny 3G cell modem

Intel has released a 3G cellular modem with an integrated power amplifier that fits into a 300 mm2 footprint, claiming it…

More...
Braswell 14nm Atom slips to Q2 15

Braswell 14nm Atom slips to Q2 15

It's not all rosy in the house of Intel. It seems that upcoming Atom out-of-order cores might be giving this semiconductor…

More...
TSMC 16nm wafers coming in Q1 2015

TSMC 16nm wafers coming in Q1 2015

TSMC will start producing 16nm wafers in the first quarter of 2015. Sometime in the second quarter production should ramp up…

More...
Skylake-S LGA is 35W to 95W TDP part

Skylake-S LGA is 35W to 95W TDP part

Skylake-S is the ‘tock’ of the Haswell architecture and despite being delayed from the original plan, this desktop part is scheduled…

More...
Aerocool Dead Silence reviewed

Aerocool Dead Silence reviewed

Aerocool is well known for its gamer cases with aggressive styling. However, the Dead Silence chassis offers consumers a new choice,…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Monday, 30 July 2012 09:48

Insecurity experts use JavaScript to snoop proxies

Written by Nick Farrell



Found all sorts of dodgy people


Spanish insecurity experts from Informatica64 used a JavaScript Trojan horse to steal information from spammers and scammers, which is a bit like giving AIDS back to monkeys. In a presentation at the Black Hat security conference, security consultant Chema Alonso showed off a somewhat dodgy method to snoop on some very questionable people online.

The pair replaced cached JavaScript with an attacker's copy and used this to inject the JavaScript file into a victim's browser. Alonso set up an anonymous proxy server and then published its Internet address on a proxy forum. Within a day, more than 4,000 computers had connected to the proxy server and had the poisoned JavaScript file in their browser caches.

According to Dark Reading, Alonso found a variety of low-level criminals using their proxy server. There were fraudsters posing as British immigration officials offering work permits, a bloke pretending to be a pretty woman on a number of dating sites to con victims into sending money for a plane ticket there was another fraud involving flogging non-existent Yorkshire Terriers. By replacing one of the JavaScript files with a malicious version via the proxy server, the attacker can tailor attacks for a specific site, he told the conference.

He thought that it was likely that companies and governments are already using this technique to eavesdrop on criminal activity. He said that he could collect that amount of data in only one day doing nothing with two small JavaScript files. He thought it was too easy for governments and spooks to do the same thing.

The only way for people to sure that they are safe is that they use servers that they trust. In addition, privacy-sensitive people should regularly clear the browser cache.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments