nAb.h4x Posted January 15, 2013 Report Posted January 15, 2013 Sursa - EhackingnewsPentru video accesati site-ul lorSeveral Yahoo users complained that their accounts have been hacked. It appears that the Yahoo email accounts are being hacked after victim click a malicious link included.The attack was started after one hacker or Security Researcher "Shahin Ramezany" uploaded a video in Youtube that demonstrates how to hack a Yahoo account by leveraging a DOM based XSS Vulnerability. The attack works in all major browsers."not so new Yahoo! again put ~400 million user in risk here is demo: http://www.youtube.com/watch?v=GJsMRDyC9eY … full detail PoC will be available after patch. #RT"In the Demo video, the hacker included a link to external html file hosted in his website and send to his victim. He opened the malicious link from the victim account.When the victim opens the malicious link, the cookie logs of the victim are being stored in hacker website. Hacker managed to use those cookies to log in into the victims account.A Voice actress and singer Cristina Vee, was affected by this hack and posted in a twitter account:"Friends and colleagues, don't click the link that was sent to you from my Yahoo email account, I was hacked :/ Apologies! " According to The Next Web report, Yahoo has plugged the security hole in question.At the time of writing, we are not able to confirm whether the attack was launched by the Shahin Ramezany or not.Pentru video accesati site-ul lor Quote
zombynebunu Posted January 16, 2013 Report Posted January 16, 2013 stie cineva ce XSS este asta care e folosit la hack yahoo?? Quote
