Skip to main content

$700 hack threatens millions of Yahoo Mail users

posted onNovember 26, 2012
by l33tdawg

A new exploit being sold for $700 may put tens of millions of Yahoo Mail users at risk.

Once victims click on a malicious email link, the exploit allows an attacker to steal and replace tracking cookies, while remotely controlling the victims' browsing sessions.

"After the victim clicks the link, he will be redirected to the email page again," a demonstration video for the hack explained. "And you can redirect him to wherever you want." According to Yahoo, fixing the exploit won't be nearly as difficult as finding it. That's because it's an XSS flaw set off by a URL, a hole that can easily be patched, but hard to locate.

Source

Tags

Yahoo Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th