clickjacking

What is clickjacking?

Clickjacking, also known as “UI redress attack”, is when an attacker tricks a user into clicking on a button or link on a page other than the one they expected. The attacker does this by overlaying the button or link they want the user to click on top of the page the user is expecting to see. When the user clicks on the button or link, they are taken to the attacker’s page instead of the page they were expecting.

Clickjacking can be used to trick users into clicking on links that install malware, make unwanted purchases, or disclose personal information. It can also be used to trick users into taking actions that they did not intend to take, such as liking a page on social media or voting in an online poll.

How does clickjacking work?

Clickjacking works by tricksing a user into clicking on a button or link that is on a page other than the one they are expecting. The attacker does this by overlaying the button or link they want the user to click on top of the page the user is expecting to see. When the user clicks on the button or link, they are taken to the attacker’s page instead of the page they were expecting.

attackers can use a number of different techniques to trick users into clicking on their buttons or links. These techniques include using transparent or opaque layers, positioning the button or link in a strategic location, and using social engineering to make the user believe they are clicking on a safe button or link.

What are the consequences of clickjacking?

The consequences of clickjacking depend on the actions that are performed when the user clicks on the button or link. For example, if the button or link leads to a malware download, the user’s computer may be infected with malware. If the button or link makes an unwanted purchase, the user may end up with unwanted charges on their credit card. If the button or link discloses personal information, the user’s privacy may be compromised.

Clickjacking can also be used to trick users into taking actions that they did not intend to take, such as liking a page on social media or voting in an online poll. These actions may have consequences for the user, such as being added to a mailing list or having their social media account bombarded with spam.

How can I protect myself from clickjacking?

There are a few things you can do to protect yourself from clickjacking. First, be aware of the risk. If you’re not sure whether or not a button or link is safe, don’t click on it. Second, use an anti-clickjacking plugin or extension for your web browser. These plugins or extensions will block web pages that are known to contain clickjacking attacks. Finally, make sure your web browser is up-to-date. Newer versions of web browsers usually have better protection against clickjacking attacks..Citation

water holing

Water holing is a type of attacks that are Layer 7 dependent. attacker usually exploit the weak spots or vulnerabilities in the application layer in order to get access to the server or network and then insert a malware. The malware then can be used to exfiltrate, encrypt or delete data. This type of attack is commonly seen in targeted attacks.

Visit malwarezero.org to learn more about most dangerous computer virus in the world. Disclaimer: We used this website as a reference for this blog post.