Contributors
Jeremiah Grossman
(WhiteHat Security)

Ofer Shezaf
(Breach Security) [Project Leader]

The Web Hacking Incidents Database
Last update:17 February 2008

List of Incidents for a Classification

Please note that classifications are a new feature and not all entries in WHID are already classified, so when you get a certain number of entries for a classification, WHID might have more records matching that classification that we did not classify yet. We hope to complete the classification process soon.

Select classification:
Attack Method, Country, Location, Origin, Outcome, Software, Vertical

Select criteria for classification "Location":
Client

List of incidents for which Location is Client
WHID 2008-05: Drive-by Pharming in the Wild
Reported: 28 January 2008
Occurred: 21 January 2008

Classifications:

  • Attack Method: Known Vulnerability
  • Attack Method: Drive by Pharming
  • Attack Method: Cross Site Request Forgery (CSRF)
  • Country: Mexico
  • Location: Client
  • Outcome: Leakage of Information
  • Outcome: Monetary Loss
  • Software: DSL Router
  • Vertical: Finance

Symantec reported an active exploit of CSRF against residential ADSL routers in Mexico (WHID 2008-05). An e-mail with a malicious IMG tag was sent to victims. By accessing the image in the mail, the user initiated a router command to changethe DNS entry of a leading Mexican bank, making any subsequent access by a user to the bank go through the attacker's server.

References:


This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
 
© Copyright 2005, Web Application Security Consortium. All rights reserved.