Friday, 2 September 2016
11 comments

Facebook And Twitter Accounts Can Hack Through target="_blank" Vulnerability

Facebook And Twitter Accounts Can Hack Through target="_blank" Vulnerability

Facebook And Twitter Accounts Can Hack Through target="_blank" Vulnerability.


The target="_blank" is using for target attribute specifies where to open the link in new tab. Hackers are using this trick for Phishing Attack. When a user click on the text link, then the malicious link will open in new Tab. This cyber attack could happen on browser based not Web Servers.


How does it work?

According to security researcher Ben Halpern,  Facebook and Twitter social networks accounts are vulnerable.

In order to restrict the behavior window.opener access, the original page needs to add a rel="noopener" attribute to any link that has target="_blank". However, Firefox does not support that tag, so you should actually use rel="noopener noreferrer" for full coverage.

Some amount of prevention can be achieved through scripting, though, as observed with Twitter, this seems to fail on Safari. This issue is not well-known, and is totally underestimated. This has been brought up in a Web Hypertext Application Technology Working Group mailing list, said Halperm.


How to Fix?

Developers should add attribute rel="noopener" into the website code. Because some browsers does not fully support that attribute, developers should use rel="noopener noreferrer" instead.

11 comments:

  1. I am Andrew Alan a hacker who is has built a very good reputation and undeniably one of the best hackers you can come across.i have got access to hack into any account and also get to generate passwords for accounts like Facebook,Instagram,Twitter,gmail,yahoo mail,whats-app,we-chat,etc..I also have logins for bank like BOA,welsfargo,chase,credit union,capital one, and many other different banks for transfers and credit card top ups,Retrieving hacked social media accounts,clearing criminal records,CC hack,hacking computer systems,Website hack,Catch hacker scammers,Phishing emails, that's to mention a few ... You can contact me on.......... [email protected]

    ReplyDelete
  2. I'm in need of help in several areas and can offer trade services...[email protected]

    ReplyDelete
  3. I'm in need of help in several areas and can offer trade services...[email protected]

    ReplyDelete
  4. we hack everything and anything from accounts (all) to social

    media sites to dating sites to tax invation to hacking of emails

    and devices loading of account tracking hacking changing grades

    all virus and bank spam and scam pages we do contact us at

    [email protected] hoping to hear from u

    ReplyDelete

 
Toggle Footer
Top