It is currently 18-08-2017 23:17

Using the attribute target=_blank in the links increases the risk of phishing attacks

Using the attribute target=_blank in the links increases the risk of phishing attacks

by sigismund » 2016-09-02 15:51:37


About the vulnerability became known a few years ago, but it still is present on many popular sites.


Sites that use the attribute target="_blank" in your links, put users at risk of phishing attacks, and consequently, data loss. Vulnerability target="_blank" learned two years ago, but it still is present on many popular sites.

The essence of vulnerability is the following: when the user clicks a link that uses target="_blank", the browser opens a new tab. This tab briefly gets access to the page source through the window object.opener. So, just open tab can change the window.opener.location, that is, instead of the previous tabs discreetly to load a completely different page.

For example, if a user clicks on the link (using the attribute target="_blank") in Facebook, the attacker can quietly replace the fake page, which later will inform the victim about the need to re-login. Thus, the credentials of the victim will be in the hands of a criminal.
Developed by Ben Halpern (Ben Halpern) has compiled a list of major sites vulnerable to this method of attack. One of them was Instagram, Facebook and Twitter (if links are opened in Safari). The researcher informed the company about the vulnerability, but to date, it is corrected only in Instagram.

The developer proposed a method of preventing the exploitation of the problem. It is to add rel="noopener" to all links on the site. Since Mozilla Firefox does not fully support this attribute instead of rel="noopener can use rel="noreferrer noopener".
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5