Plynt Blog

Phishing meets Cross Site Scripting at Paypal

by Roshen Chandran  | 21 Jun 2006

Netcraft reports a very convincing phishing attack on Paypal, exploiting a Cross Site Scripting vulnerability on the Paypal site.

The phishers exploit an XSS vulnerability on the genuine Paypal site. Once a user is induced to visit the genuine site, the injected script automatically redirects them to the phisher’s site. Netcraft has step-by-step screenshots of the attack.

The vulnerable page on the Paypal site was SSL-secured, so a user who visited the page even saw a valid Paypal SSL certificate. The auto-redirect told users their account had been temporarily disabled and that they should visit the “Resolution Center” to re-activate it. The phishers, of course, hosted the Resolution Center.
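To make the mechanism concrete, here is an added illustration (not Paypal's code, and not from the Netcraft report) of the class of bug being described: a server-side page that reflects an untrusted query parameter straight into its HTML, next to the same page with the value HTML-encoded. The parameter name `email`, the host names and the sample link are all made up for the example; a valid certificate on the host does nothing to stop this, because the browser runs the reflected markup in the site's own origin.

```python
"""Reflected XSS: vulnerable rendering next to its hardened form.

Illustrative example written for this post, not Paypal's code. It models
a page that echoes a hypothetical ``email`` query parameter back into
the HTML it serves.
"""
import html
from urllib.parse import parse_qs, quote, urlsplit


def _email_param(url: str) -> str:
    """Pull the (untrusted) 'email' parameter out of a request URL."""
    params = parse_qs(urlsplit(url).query)
    return params.get("email", [""])[0]


def render_vulnerable(url: str) -> str:
    """Reflect the parameter without encoding.

    Whatever the link carries (markup, script) is emitted verbatim, so the
    browser executes it as part of the trusted page, under the site's own
    valid TLS certificate.
    """
    return f"<p>Account: {_email_param(url)}</p>"


def render_hardened(url: str) -> str:
    """Same page, but the untrusted value is HTML-entity-encoded first.

    html.escape turns <, >, &, " and ' into entities, so the value is
    displayed as text instead of being parsed as markup.
    """
    return f"<p>Account: {html.escape(_email_param(url), quote=True)}</p>"


def contains_active_markup(page: str) -> bool:
    """Crude post-render check: is there a raw <script> tag or javascript: URL?

    Useful as a unit-test assertion on templates, not as a substitute for
    output encoding.
    """
    lowered = page.lower()
    return "<script" in lowered or "javascript:" in lowered


# Constructed sample link of the kind the post describes: the parameter
# carries a redirect script instead of an address. Hosts are placeholders.
SAMPLE_PAYLOAD = "<script>location='https://resolution.example.test/'</script>"
SAMPLE_URL = "https://www.example.test/cgi-bin/webscr?email=" + quote(SAMPLE_PAYLOAD, safe="")


if __name__ == "__main__":
    print("vulnerable:", render_vulnerable(SAMPLE_URL))
    print("hardened:  ", render_hardened(SAMPLE_URL))
```

The vulnerable renderer returns the redirect script unchanged, so the "genuine" page forwards the visitor to the phishing host; the hardened renderer returns `&lt;script&gt;...` and the browser shows it as harmless text. Output encoding at the point of insertion is the fix; the `contains_active_markup` check is only a cheap regression test for templates.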

Paypal has fixed the vulnerability.

This seems to be the first appearance of phishing and XSS together. Expect to see more of this in the coming months.


Plynt provides penetration testing and code review services to clients worldwide. If you are interested, please contact us for a quote. We’ll get back to you within one working day.