A hacker is capitalizing on a Yahoo! flaw that could allow email accounts to become compromised and could trick users into clicking on malicious websites. But criminal hackers will have to pay to obtain details about how to conduct this hack. The cost: $700.
Brian Krebs on his blog Krebs on Security reported last week that an Egyptian hacker was offering this deal on an “exclusive cybercrime forum” called Darkode. The hack itself steals cookies, which Krebs explains leads hackers into their target’s account where they can send or read emails. Here’s how the hacker going by “The Hell” advertised his exploit, according to Krebs:
More“I’m selling Yahoo stored xss that steal Yahoo emails cookies and works on ALL browsers. And you don’t need to bypass IE or Chrome xss filter as it do that itself because it’s stored xss. Prices around for such exploit is $1,100 – $1,500, while I offer it here for $700. Will sell only to trusted people cuz I don’t want it to be patched soon!”
No comments:
Post a Comment