IMPACT
Loss of reputation
This can be the most devastating side effect, similar to that of a "defacement". There is no need to explain
in great detail how the defacement is possible: one can imagine an attacker filling the whole
page simply with an image of their own choice. It is sometimes seen as an inability of the
organization to provide sufficient website protection, or as proof that insufficient
security measures are implemented on the server side.
In some cases, part of a website is reserved for advertisements. XSIO may allow such
content/advertisements to be hidden, and eventually this will result in a loss of reputation among customers of the website who publish their advertisements on the attacked pages.
Deliberately publishing misleading information
XSIO can be used for phishing and other online frauds. Images associated with a malicious
hyperlink pose a greater security risk. Attackers with malicious intentions may easily trick the
users of such a modified page into visiting malicious websites set up especially for phishing
purposes.
For example, an attacker may overlay some image on the page with the logo of a reputed bank
carrying a hyperlink. The hyperlink may point to a phishing site whose webpage resembles the
bank's login page.
As a Web beacon (web bug) to track the visitors of a particular page
A Web beacon is designed to monitor who is visiting the webpage containing an invisible image.
Invisibility is achieved by means of transparency (or an image of the same color as the
background) embedded in an HTML page. Every time the image is requested by a client
browser, information about the requester is logged. What information is sent to a server when a
Web Bug is viewed?
- The IP address of the computer that fetched the Web Bug
- The URL of the page that the Web Bug is located on
- The URL of the Web Bug image
- The time the Web Bug was viewed
- The type of browser that fetched the Web Bug image
- A previously set cookie value
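The phishing overlay and the web beacon described above leave recognisable traces in a page's HTML: an image taken out of the normal layout flow, an image made invisible by transparency or 1x1 size, an image fetched from a third-party host, or an image wrapped in an off-site hyperlink. The following scanner, added here as an illustration and not part of the original paper, walks the image tags of a page and reports which of these indicators each one matches. The sample page, the hosts phish.example and tracker.example, and the page host www.example.com are constructed placeholders; the heuristics are the indicators named in the text, not an exhaustive XSIO detector.

```python
"""Flag <img> tags showing the XSIO patterns the text describes: overlaid images,
invisible (beacon-style) images, off-site images, and images wrapped in off-site
links.  Added example; it is not code from the original paper."""
from html.parser import HTMLParser
from urllib.parse import urlparse


def _style_map(style):
    """Parse an inline style attribute into a {property: value} dict."""
    out = {}
    for decl in style.split(";"):
        if ":" in decl:
            key, value = decl.split(":", 1)
            out[key.strip().lower()] = value.strip().lower()
    return out


class _ImageCollector(HTMLParser):
    """Collect <img> tags together with the href of the enclosing <a>, if any."""

    def __init__(self):
        super().__init__()
        self.images = []       # list of (attrs_dict, enclosing_href_or_None)
        self._href_stack = []  # hrefs of currently open <a> elements

    def handle_starttag(self, tag, attrs):
        attrs = {k.lower(): (v or "") for k, v in attrs}
        if tag == "a":
            self._href_stack.append(attrs.get("href", ""))
        elif tag == "img":
            href = self._href_stack[-1] if self._href_stack else None
            self.images.append((attrs, href))

    def handle_endtag(self, tag):
        if tag == "a" and self._href_stack:
            self._href_stack.pop()


def _is_offsite(url, page_host):
    """True when the URL names a host other than the page's own host."""
    host = urlparse(url).netloc.lower()
    return bool(host) and host != page_host.lower()


def find_suspicious_images(html, page_host):
    """Return a list of (src, reasons) for images matching XSIO indicators."""
    collector = _ImageCollector()
    collector.feed(html)
    findings = []
    for attrs, href in collector.images:
        src = attrs.get("src", "")
        style = _style_map(attrs.get("style", ""))
        reasons = []
        # Overlay: taken out of normal flow so it can be placed over real content.
        if style.get("position") in ("absolute", "fixed"):
            reasons.append("positioned overlay")
        # Beacon: invisible through zero opacity, hidden visibility or 1x1 size.
        if (style.get("opacity") == "0" or style.get("visibility") == "hidden"
                or (attrs.get("width") == "1" and attrs.get("height") == "1")):
            reasons.append("invisible image")
        # Third-party image: every fetch sends requester data to that host.
        if _is_offsite(src, page_host):
            reasons.append("off-site image source")
        # Image acting as a link to another site: the phishing-logo pattern.
        if href and _is_offsite(href, page_host):
            reasons.append("off-site hyperlink on image")
        if reasons:
            findings.append((src, reasons))
    return findings


# Constructed sample page; the hosts are placeholders, not real sites.
SAMPLE_HTML = """
<html><body>
<img src="/static/logo.png" alt="site logo">
<a href="http://phish.example/login"><img src="http://phish.example/bank.png"
   style="position:absolute; top:10px; left:10px; z-index:999"></a>
<img src="http://tracker.example/pixel.gif" width="1" height="1">
<img src="/static/banner.png" style="opacity:0">
</body></html>
"""

if __name__ == "__main__":
    for src, reasons in find_suspicious_images(SAMPLE_HTML, "www.example.com"):
        print(src, "->", ", ".join(reasons))
```

Run against the sample page, the legitimate site logo produces no finding, the bank-logo overlay is reported on all three of the overlay, off-site source and off-site link indicators, the 1x1 tracking pixel as an invisible off-site image, and the zero-opacity banner as an invisible image. Each reason maps back to one of the mechanisms the text describes, so a reviewer can decide per finding whether the image is legitimate site content or injected.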
Advertising
- Hypothetically, one may use XSIO as a way to publish some advertisement in the form of an
image. This way the attacker may use the webpage to publish advertisements for free.
- Another use of this kind of attack may include publishing false news, hoaxes, etc.
For example, as in the case of a typical malware vendor, someone may put up an animated GIF image displaying
some alert, warning or virus hoax, with a hyperlink on this image pointing to a malicious
website. This scenario may also involve displaying an advertisement for a malicious anti-spyware
product linked to a malicious site.