Tuesday, 16 June 2015

Chinese Tor - And VPN Users Exposed Via JavaScript

A select group of Chinese users of VPN services and the Tor network has become the target of a JavaScript attack that attempted to discover their true identities. Reported security Alien Vault Labs .The company took a "watering hole" attack where, with several Chinese-language websites of NGOs, Uighur and Muslim organizations were hacked.

Watering holes are so called because potential victims to visit the websites of itself. In most of these attacks, the attackers put malicious code on the hacked website that visitors often try to infect via an exploit with malware. Researchers at the Chinese-language websites hacked observed a new technique not previously been applied to watering holes.

The websites had placed a malicious JavaScript file which users through " JSONP hijacking "vulnerabilities in more than 15 major Chinese-language websites are attacking. Through JSONP requests the attackers could steal private data from users if they were logged on a vulnerable websites. It involves major Chinese portals like Baidu, Sina and QQ. Then, the JavaScript code sends the information to a server of the attackers.

It may then go to the real user's name and his email address. According Alien Vault Labs was a small group of people the campaign of the target, which aims to unmask users who visit these sites, even if they come through Tor or a VPN. Researchers call the Chinese websites in question to remedy the JSONP vulnerabilities. In addition, users advised to avoid visiting sensitive sites after they have logged on to another website.

No comments:

Post a Comment