Posts Tagged clickjacking

So, Clickjacking…

“The basic idea is that an attacker loads the content of an external site into the site you’re visiting, sets the external content to be invisible and then overlays the page you’re looking at. When you click any link you see on the current page, you are in fact clicking on the externally loaded invisible page and about to load pretty much whatever the attacker wants…”

This is a current attack prevalent in a lot of advertising, pay-per-click schemes, and malware drops these days. The Attack Research guys did a pretty good rundown on the type of attacks that are being used in the wild.

Just a few days ago Samy from samy.pl released a quick clickjacking code generator. Check it out:

http://samy.pl/quickjack/