EvilZone

Hacking and Security => Hacking and Security => Topic started by: Axon on July 02, 2013, 10:58:10 AM

Title: Windows 8 keyjacking attack discovered
Post by: Axon on July 02, 2013, 10:58:10 AM

By John Leyden, 1st July 2013

Quote

A security researcher has discovered a sneaky social engineering trick that might be used to disguise the go-ahead to run hostile code on Windows 8 machines. The so-called keyjacking technique, uncovered by Italian security researcher Rosario Valotta, is similar to clickjacking. However, instead of fooling marks into generating fake Facebook likes, the keyjacking involves disguising a "run executable" dialogue box within a CAPTCHA challenge.

Code: [Select]

http://www.theregister.co.uk/2013/07/01/keyjacking_attack_targets_letter_r_captchas/

The awesomeness of windows  ::)

Title: Re: Windows 8 keyjacking attack discovered
Post by: Darkvision on July 02, 2013, 11:21:58 AM

good article. got to love how this stuff evolves

Title: Re: Windows 8 keyjacking attack discovered
Post by: Pak_Track on July 02, 2013, 12:19:05 PM

I'm very surprised. Microsoft, being a popular company, should atleast have some skilled people. This is so stupid, it makes me think the NSA bought Microsoft very secretly  :P

Title: Re: Windows 8 keyjacking attack discovered
Post by: vezzy on July 02, 2013, 01:52:29 PM

Quote from: Pak_Track on July 02, 2013, 12:19:05 PM

This is so stupid, it makes me think the NSA bought Microsoft very secretly  :P

I can't believe it took you this long to figure it out. (https://en.wikipedia.org/wiki/NSAKEY)