Firefox, Opera Allow Phishing by Data URI Claims New Paper

Monday, September 3, 2012

Phishing is an attack in which criminals build sites that look like those of banks and e-commerce companies and, by passing them off as legitimate, get gullible users to enter personal information, credit card details and the like. The main hurdle these criminals face is finding a server to host such a site and fooling as many users as possible before hosting companies and law enforcement authorities block it.

The new paper claims that malicious web pages can be stored in data URIs (Uniform Resource Identifiers): an entire webpage's code can be stuffed into a single string which, when clicked, instructs the browser to unpack the payload and present it to the user as a page.

Until recently, stuffing a web page into a URI would have raised suspicion because of the size of the data string, which is pretty long in most cases. But with the advent of link shortening services, this URI can now fit into just a few characters and be shared through social networking sites, file sharing sites, emails, etc.

This is where the whole thing gets a bit dangerous. In his paper, Phishing by data URI [PDF], Henning Klevjer claims that with this method he was able to successfully load the pages in Firefox and Opera. The method, however, failed in Google Chrome and Internet Explorer.

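The new phishing method can also get around defense systems such as web filtering, because the page content travels inside the link itself rather than being fetched from a host that a filter can block. Sophos notes that criminals may also stuff malicious Java applets into data URIs, which is particularly dangerous in the wake of recent Java vulnerabilities.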
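
For a filter or mail gateway that wants to catch the technique described above, the check has to run on the link itself. The following is an added example, not code from the paper or from Sophos: it parses a data URI as defined in RFC 2397 and classifies a link or a resolved short-link target. The policy list, marker list, function names and sample links are assumptions made for illustration.

```python
import base64
from urllib.parse import unquote_to_bytes

# Assumed policy list: media types a browser renders as an active document.
RENDERABLE = {"text/html", "application/xhtml+xml", "image/svg+xml"}
# Tags worth naming in an alert: credential forms and embedded applets.
MARKERS = (b"<form", b"type=\"password\"", b"<applet")

def parse_data_uri(uri):
    """Return (media_type, payload_bytes) for an RFC 2397 data URI, else None."""
    uri = uri.strip()
    if uri[:5].lower() != "data:":
        return None
    header, comma, data = uri[5:].partition(",")
    if not comma:
        return None  # malformed: no comma separating header from data
    params = [p.strip().lower() for p in header.split(";")]
    media_type = params[0] or "text/plain"  # RFC 2397 default type
    payload = unquote_to_bytes(data)
    if "base64" in params[1:]:
        payload += b"=" * (-len(payload) % 4)  # tolerate stripped padding
        try:
            payload = base64.b64decode(payload)
        except ValueError:
            payload = b""  # undecodable: judge on media type alone
    return media_type, payload

def classify_link(url):
    """Return (verdict, markers_found) for a link or resolved redirect target."""
    parsed = parse_data_uri(url)
    if parsed is None:
        return "allow", []
    media_type, payload = parsed
    found = [m.decode() for m in MARKERS if m in payload.lower()]
    verdict = "block" if media_type in RENDERABLE else "review"
    return verdict, found

# Constructed, harmless samples.
SAMPLE_HTML = "data:text/html;base64," + base64.b64encode(
    b"<form><input type=\"password\"></form>").decode()
SAMPLE_PNG = "data:image/png;base64,AAAA"

if __name__ == "__main__":
    for link in ("https://example.com/login", SAMPLE_HTML, SAMPLE_PNG):
        print(classify_link(link), link[:40])
```

The scheme and media type are compared case-insensitively because a check that only matches a lowercase `data:text/html` prefix is easy to miss with mixed-case input.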
