Hardly a day goes by without someone asking a Bonza technician to remove a virus or viruses from a computer or laptop. This post may help you to “pause a sec” before you click!
Suppose you visit a site and think you’re clicking on a button to close a window; instead, the action of clicking the “X” button prompts your computer to download a Trojan virus, transfer money from your bank account or turn on your computer’s built-in microphone. The host website may be a legitimate site that’s been hacked or a fake version of some well-known site like your bank’s website. You may have been tricked into visiting the site through links online or in email messages.
It’s called Clickjacking
Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. The exploit is also known as UI redressing. Read the full description on Wikipedia
When you’re “clickjacked” a virus is downloaded to your hard drive. In many cases your antivirus software will be disabled and destroyed by the virus, which will then behave like a legitimate antivirus program. It will ask you to use your credit card to buy a license for the software online so it can “clean” your computer.
It will also prevent the installation of widely used antivirus and malware removal programs, which means that once you are infected it can be difficult to get clean without the assistance of a computer technician. Clickjack detection is complex and varies between browsers. It is important to note that this is not a vulnerability in the target applications but rather in software running on your machine (i.e. browsers).
There are multiple variants of clickjacking. In a nutshell, each one utilises a different technique to exploit the same vulnerability found in all major browsers: Internet Explorer (IE), Firefox, Safari and Opera. This vulnerability enables attackers to alter a website’s visual display in the browser while preserving its functionality. It involves generating a fake graphical overlay on top of an existing web page, visually changing the page while preserving its buttons, forms and other controls. You don’t notice or see the change because forms are sent as usual and other features perform as expected.
The malicious web page embeds a page from another domain to which the user is already authenticated. Since the malicious web page is controlled by the attacker, the attacker can visually hide parts of the original application from the user and cause you to click on something you otherwise wouldn’t have.
This example uses iframes to show different text and to hide a button, forcing you to select “Yes” to something unknown hidden underneath the button.
This image shows a fake overlay causing you to inadvertently give your bank login details to the attacker.
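The post describes the attack from the user’s side; on the website’s side, the standard defence is to tell the browser that the page must not be rendered inside a frame on another origin, which is exactly what the overlay trick depends on. Below is an added example (written for this post, not Bonza’s code or any bank’s) in JavaScript for Node.js: it returns the anti-framing headers a site should send, audits a response’s headers to see whether they actually block third-party framing, and includes the older script-based frame check as a fallback. Header names, example origins and the mock response object are assumptions for illustration.

```javascript
// Added example: anti-clickjacking headers and a checker for them.
// Runs under Node.js with no dependencies; the sample headers below are constructed.

// Headers a site should send so browsers refuse to draw it inside a frame on
// another origin. X-Frame-Options is the older mechanism; the CSP
// frame-ancestors directive is the modern one. Sending both covers old and new browsers.
function antiFramingHeaders() {
  return {
    'X-Frame-Options': 'DENY',
    'Content-Security-Policy': "frame-ancestors 'none'",
  };
}

// Apply the headers to a response-like object that has setHeader(name, value),
// e.g. an http.ServerResponse. Returns the object for chaining.
function applyAntiFraming(res) {
  for (const [name, value] of Object.entries(antiFramingHeaders())) {
    res.setHeader(name, value);
  }
  return res;
}

// Pull the source list of the frame-ancestors directive out of a CSP value.
// Returns null when the directive is absent (the header then says nothing about framing).
function frameAncestors(csp) {
  if (!csp) return null;
  for (const directive of csp.split(';')) {
    const parts = directive.trim().split(/\s+/);
    if (parts[0] && parts[0].toLowerCase() === 'frame-ancestors') {
      return parts.slice(1).map((s) => s.toLowerCase());
    }
  }
  return null;
}

// Decide whether a response's headers stop the page from being framed by an
// arbitrary third-party origin. Header names are matched case-insensitively.
// Only the enforcing CSP header counts; Content-Security-Policy-Report-Only
// never blocks anything.
function isProtectedFromFraming(headers) {
  const lower = {};
  for (const [k, v] of Object.entries(headers)) lower[k.toLowerCase()] = String(v);

  const ancestors = frameAncestors(lower['content-security-policy']);
  if (ancestors !== null) {
    // When frame-ancestors is present browsers ignore X-Frame-Options, so it decides.
    // A wildcard or a bare scheme source lets any site on that scheme frame the page.
    const open = ancestors.some((s) => s === '*' || s === 'http:' || s === 'https:');
    return !open;
  }

  const xfo = (lower['x-frame-options'] || '').trim().toUpperCase();
  // ALLOW-FROM was never supported by Chrome or Safari; an unsupported value is
  // ignored, which leaves the page frameable, so it is not counted as protection.
  return xfo === 'DENY' || xfo === 'SAMEORIGIN';
}

// Legacy client-side check ("frame busting"): true when the page is running
// inside some other document's frame. The win argument is a window-like object
// so the logic can be exercised outside a browser; in a page you would pass window.
// Header-based protection is the primary defence, since a script check can be
// disabled by the framing page (for example with a sandboxed iframe), whereas the
// browser enforces headers before any script runs.
function isFramed(win) {
  return win.top !== win.self;
}

// Usage with Node's http module (not started here so the file runs to completion):
//   http.createServer((req, res) => { applyAntiFraming(res); res.end('ok'); }).listen(8080);
```

The checker treats a specific origin list such as `frame-ancestors 'self' https://partner.example` as protected, because the page can then only be framed by the sites the owner named; what the audit flags is the case where anyone at all may frame the page.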
How to Protect from Clickjacking
1. Install Firewall and Antivirus and always update your antivirus definitions.
2. Always Log Out of your accounts.
3. Upgrade Your Favourite Browser to the latest version and increase your browsing security.
4. Upgrade browser plugins.
I make sure I check and update all of the above regularly. Last week I was in Melbourne and when I returned I had 16 updates waiting!
Be vigilant folks! And please, please pause before you click.
Tags: About Clickjacking, malicious virus, protect from clickjacking
This entry was posted on Friday, June 17th, 2011 at 2:08 pm and is filed under Computer Problems.