Why XSS Means You Still Need To Beware Of Keyloggers

xss and keyloggers

Unfortunately, when it comes to the security of the Internet, there are many ways that people are able to get exploited.

You have to be vigilant with your information at all times but there are some threats that you just won’t see coming.

If you do not see them coming then it is hard to defend against them, especially if the attack happens to be very technically advanced.

The sort of attack that is not coming from a script kiddie, but someone that knows what they are doing.

An exploit that fits this criteria and is starting to surface lately, is the keylogger attack but with a new twist.

They are using Javascript to implement the exploit.

Surely Keyloggers Are Old Hat?

I know what you must be thinking.

If you have any kind of security knowledge, then you know that keyloggers are almost as old as the internet itself.

For the people who may not know what it is, a keylogger is a software program or a hardware device, that logs whatever you type on the keyboard.

It then takes that information and sends it to a third party.

They have been in use for a long time and will be around even longer.

It is true that the keylogger is an old attack but this is a new form of implementation.

Hackers are using the combination of an XSS attack and a keylogger in javascript to gather information on people.

Instead of sitting in the background, the keylogger is up in front, sitting in the actual browser.

Now when you type your username and password into the log in part of a web site it will be passed to the keylogger and not just the site itself.

XSS Vulnerability

To make this attack work, Hackers use and vulnerability known as XSS.

XSS is another way to say cross site scripting.

Usually a web page will not inject a script that is running from another page, into the new one.

With XSS hackers have found a way to get past this limitation.

They bypass the same origin policy that is implemented by javascript and send a script to the new page.

In the case of this attack that script is a javascript keylogger.

The information is collected and then sent to another server to be used by the bad guy.

Once the bad guys have this information they can either use it for themselves or sell it to the highest bidder.

Depending on the site that they used this script on the information can be very valuable to a third party.

A vulnerability such as this is up to the site in question to fix.

As a user of the site there is not much that you can do.

They website owner must make sure that they are secured from such attacks.

There are several code audits that they could perform on their site to make sure that something like this can not happen.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Trackbacks

  1. […] is why there are still new web pages being built that allows an XSS attack to filter […]

Speak Your Mind

*