IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [browser-hijacking]

69 questions
1
vote
0 answers

Safari frequently gets hijacked when visiting digg.com

About 6 months ago, every so often, when visiting digg.com, my browser (Safari) would get redirected to some malware site for updating Adobe Flash. This happened both on my iPhone (not jailbroken) and on my desktop iMac. Lately, it has been…
StevieD
  • 111
  • 1
1
vote
1 answer

Json hijacking does not work

I have patched my site to prevent JSON hijacking. During this process, I was interested to see if I could actually exploit this vulnerability. So I created a foo.html, added a script tag which source attribute referenced my site which I was logged…
HelloWorld
  • 303
  • 2
  • 10
1
vote
1 answer

How can I inject cookie from Wireshark into a browser sesson

For education and research purpose, I need to inject a cookie value into my browser to allow me login indirectly (without entering the user name and password). I collected traffic during a login session using Wireshark. I have the cookie value. I…
user9371654
  • 469
  • 1
  • 6
  • 15
1
vote
1 answer

Work internet redirecting to Twitch?

When connecting my laptop with the work LAN, I noticed that certain websites get redirected always to a twitch channel. I have changed the DNS configuration and used 8.8.8.8 and 8.8.4.4, but the problem is persisting. However, when I connect my…
Sams Good
  • 11
  • 1
1
vote
1 answer

Virtualized or Container (Remote) Based Browser Isolation is more secure?

There obvious costs differences between them but I am not sure from a security perspective which of them considered to be more secure.
Filipon
  • 1,204
  • 10
  • 22
1
vote
0 answers

Redirection to a blank page after searching on Google with the search bar of Firefox

Today I tried to use the search bar in the top-right side of Firefox (ver 65.0 64-bit on Linux Mint 18.3 Sylvia 64-bit), and the search bar contains "search Google in Traditional Chinese". When I use it to search Google with a keyword (台中市; lit.…
Tan Kian-teng
  • 11
  • 3
1
vote
1 answer

Websites that fill back button history with questionable pages

Occasionally I see links like the following (don't visit this on your main computer) that I am redirected to on Google. The back button will either redirect back to the page, or some other questionable content. These pages are almost always some…
Expectator
  • 171
  • 4
1
vote
3 answers

Why would fraudsters use old user-agents (old browsers versions)?

I would like to know why fraudsters would use old User-agents (with old browsers versions) to make conversions for PPL (Pay-Per-Lead) or PPS (Pay-Per-Sales) offers in affiliate marketing? It seems like it's a tendency now and I'm not sure why they…
ffspider
  • 11
  • 2
1
vote
1 answer

Can an exploit in my browser read login passwords without logging in again?

When I log into my email account through a browser and open an email which exploits some vulnerability in my browser would it be possible for the attacker to take over my account? Passwords for full disk encryption are saved somewhere in the memory.…
hurdar
  • 71
  • 3
1
vote
1 answer

User accessed Phishing link but didn't provide the credential but got hacked?

One of my colleagues received a phishing email in which he clicked on a link. The domain (www.phishing-link.biz) redirected to adfx.xxx.edu which does look like adfs authentication page. Colleague restated that he did not provide his user name and…
MS Guy
  • 97
  • 9
1
vote
1 answer

Go.redirectro issue

I have a hijacker problem "Go.redirectro" And it gave ma a horrible headache​ I tried registry editor and take a file by file deep look at my drive and uh god it took me long time Look i am a computer guy and also i am an IT guy. but this This is…
Red
  • 19
  • 3
1
vote
2 answers

Applicability/Purpose of Malicious .dll Injected Into Browsers

I am currently disassembling an instance of malware, of which, following a quick first pass, looks to be some augmented variant of ZueS. As I was quantitatively characterizing the targeting mechanics I came across the expression below. I'm simply…
Kairos
  • 26
  • 2
1
vote
1 answer

Browser custom protocol handlers

The possibility of running a shell command from an extension (NPAPI) has been phased out, but custom protocol handlers are still supported. What is the practical difference if an extension can still launch any executable via the protocol handler?
antonio
  • 845
  • 2
  • 8
  • 15
1
vote
1 answer

Anonymity of session hijackers using dsploit

I was wondering about the possibility of finding out culprits who hijacked others' sessions and tried using google to find an answer several times, but I always failed. Before I ask a question, let's make some assumptions: assume that I am logged…
Jim
  • 11
  • 1
1
vote
2 answers

Is there a way to sniff a "mousejack" attack?

I'm sure a lot of you are aware about the vulnerability in unencrypted wireless mouses. If not, here's a website reporting on the vulnerability: https://www.mousejack.com/ It sounds like the best way to prevent an attack as a consumer is to either…
Esteban
  • 123
  • 6
1 2
3
4 5