Full Disclosure mailing list archives
A new Facebook Token Hijacker malware
From: Vulncheck Security <info () vulncheck com>
Date: Mon, 4 Feb 2013 14:25:59 -0500
Hello All,

A new variant of Facebook Token Hijacker is in the wild. This variant is capable of posting on behalf of the victim, creating events and inviting all friends, all done by an obfuscated JavaScript.

The main advantage of this malware compared to other types of phishing attack is that it is capable of hijacking the access token and sending the information from the actual victim machine. In a conventional phishing attack, the attacker harvests the victim's credentials for future use; however, the big challenge for them is to bypass the Identity and Access Management controls in place, where they are asked challenging questions in case they log in from an unknown location/device.

The details of this malware/phishing attack and a semi-deobfuscated version of the malware are posted online: http://www.faghani.info/blog

Please feel free to ask if you need further information on this attack.

Best Regards,