Featured Articles

Hands on: Nvidia Shield Tablet with Android 5.0

Hands on: Nvidia Shield Tablet with Android 5.0

We broke the news of Nvidia's ambitious gaming tablet plans back in May and now the Shield tablet got a bit…

More...
Nokia N1 Android tablet ships in Q1 2015

Nokia N1 Android tablet ships in Q1 2015

Nokia has announced its first Android tablet and when we say Nokia, we don’t mean Microsoft. The Nokia N1 was designed…

More...
Marvell launches octa-core 64-bit PXA1936

Marvell launches octa-core 64-bit PXA1936

Marvell is better known for its storage controllers, but the company doesn’t want to give up on the smartphone and…

More...
TSMC 16nm FinFET Plus in risk production

TSMC 16nm FinFET Plus in risk production

TSMC’s next generation 16nm process has reached an important milestone – 16nm FinFET Plus (16FF+) is now in risk production.

More...
Nvidia GTX 970 SLI tested

Nvidia GTX 970 SLI tested

Nvidia recently released two new graphics cards based on its latest Maxwell GPU architecture, with exceptional performance-per-watt. The Geforce GTX 970…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Monday, 30 July 2012 09:48

Insecurity experts use JavaScript to snoop proxies

Written by Nick Farrell



Found all sorts of dodgy people


Spanish insecurity experts from Informatica64 used a JavaScript Trojan horse to steal information from spammers and scammers, which is a bit like giving AIDS back to monkeys. In a presentation at the Black Hat security conference, security consultant Chema Alonso showed off a somewhat dodgy method to snoop on some very questionable people online.

The pair replaced cached JavaScript with an attacker's copy and used this to inject the JavaScript file into a victim's browser. Alonso set up an anonymous proxy server and then published its Internet address on a proxy forum. Within a day, more than 4,000 computers had connected to the proxy server and had the poisoned JavaScript file in their browser caches.

According to Dark Reading, Alonso found a variety of low-level criminals using their proxy server. There were fraudsters posing as British immigration officials offering work permits, a bloke pretending to be a pretty woman on a number of dating sites to con victims into sending money for a plane ticket there was another fraud involving flogging non-existent Yorkshire Terriers. By replacing one of the JavaScript files with a malicious version via the proxy server, the attacker can tailor attacks for a specific site, he told the conference.

He thought that it was likely that companies and governments are already using this technique to eavesdrop on criminal activity. He said that he could collect that amount of data in only one day doing nothing with two small JavaScript files. He thought it was too easy for governments and spooks to do the same thing.

The only way for people to sure that they are safe is that they use servers that they trust. In addition, privacy-sensitive people should regularly clear the browser cache.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments