Cookiejacking is a new social engineering technique (security risk) recently discovered by Rosacio Valotta, an Italian Internet security researcher, and can affect all versions of Microsoft Internet Explorer.
Channel | Publish Date | Thumbnail & View Count | Actions |
---|---|---|---|
All Things Secured | 2022-04-12 13:30:01 | 60,228 Views |
STOP BEING TRACKED ON THE INTERNET! (here's how)
Cookiejacking is a version of a type of attack known as clickjacking. This new exploit uses sophisticated techniques similar to clickjacking to give an attacker access and steal cookies from your computer. To be a little clearer, this is not an actual attack. Certain things have to happen for you to be at risk of this security risk. A third party has to set up a malicious web page and trick you into attacking. For example, you have to be tricked into performing an action such as dragging and dropping images or objects. Getting you to interact with the malicious content is the only way a hacker can gain access and steal cookies. In doing so, they may be able to get their hands on login names and hashed passwords from sites you've previously logged into.
Microsoft is aware of the issue and has stated that there have been no large-scale attacks related to cookiejacking to date. Microsoft is working on an upcoming update for the Internet Explorer browser to fix the issue.
However, since this can affect all versions of Internet Explorer, Microsoft has also mentioned in its defense that any Internet browser software carries the potential risk of clickjacking.