Phishing meets Cross Site Scripting at Paypal

Paladion
By Paladion

June 21, 2006

Netcraft reports a very convincing phishing attack on Paypal that exploits a cross-site scripting (XSS) vulnerability on the Paypal site itself.
The phishers exploit an XSS vulnerability on the genuine Paypal site: once a user is induced to visit the real site, the injected script automatically redirects them to the phisher's site. Netcraft has step-by-step screenshots of the attack.
The vulnerable page on the Paypal site was SSL-secured, so a user who visited it even saw a valid Paypal SSL certificate. The auto-redirect told users that their account had been temporarily disabled and that they should visit the "Resolution Center" to re-activate it. The phishers, of course, hosted the Resolution Center.
Paypal has fixed the vulnerability.
This seems to be the first appearance of phishing and XSS together. Expect to see more of this in the coming months.
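The root cause described above is a page that reflects untrusted input into its own HTML. The following is an added example in Python, not from the Netcraft write-up or from Paypal's code: a handler that reflects a query parameter unescaped beside its hardened form, plus a check that tells whether a given URL's parameter would reach the page verbatim. The URL, template and parameter name are constructed for illustration.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed sample request: the query parameter carries markup that,
# if reflected verbatim, would execute within the site's own origin
# (the same shape of injection the Paypal redirect relied on).
SAMPLE_URL = (
    "https://shop.example/search?q="
    "%3Cscript%3Elocation%3D%27https%3A//phisher.example/%27%3C/script%3E"
)

# Hypothetical page template that echoes the search term back to the user.
TEMPLATE = "<html><body><h1>Results for: {q}</h1></body></html>"


def render_unsafe(q: str) -> str:
    """Vulnerable: the parameter is inserted into the HTML unchanged."""
    return TEMPLATE.format(q=q)


def render_safe(q: str) -> str:
    """Hardened: HTML-escape untrusted input before it reaches the page.

    quote=True also escapes ' and ", so the value cannot break out of
    attribute contexts either.
    """
    return TEMPLATE.format(q=html.escape(q, quote=True))


def query_param(url: str, name: str) -> str:
    """Return the percent-decoded value of one query parameter ('' if absent)."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def reflects_unescaped(url: str, name: str, renderer) -> bool:
    """True if the raw parameter contains HTML-significant characters and
    the renderer emits it verbatim, i.e. the page is open to reflected XSS."""
    raw = query_param(url, name)
    if not any(c in raw for c in "<>\"'&"):
        return False
    return raw in renderer(raw)
```

The same check can be pointed at any renderer, so it doubles as a unit test that fails if someone later removes the escaping.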