Blackhat Exploiting Lax URL Redirects

Pulkit Chandna

An anonymous blackhat hacker is unabashedly exploiting an unattended vulnerability in URL redirect notifications to redirect internet users to malicious websites. As most websites, including the major ones, merely issue a notification to users that they are being redirected to another URL without scrutinizing that particular website, users remain sitting ducks to such attacks.

The nefarious attacker has gone a step further by employing SEO techniques to increase the standing of his spyware-bearing websites with search engines. Security analyst Gary Warner says that the threat can be rooted out, if redirects are tempered to only accept referrals from verified websites . However, he expects the threat to persist due to regulatory inaction.

Image Credit: Enor

Around the web

by CPMStar (Sponsored) Free to play

Comments