Ethical Hacking News
DoubleClickjacking: A New Frontier in Clickjacking Attacks
DoubleClickjacking is a new variation of clickjacking attacks that exploits timing differences between mousedown and onclick events. The technique allows attackers to bypass protections on major websites, facilitating account takeovers and manipulating users into taking unauthorized actions. Attackers can trick users into authorizing malicious apps via OAuth, often leading to immediate account takeovers. Administrators can mitigate the threat by keeping critical buttons disabled until a mouse gesture or key press is detected. Browser vendors should adopt new standards like X-Frame-Options for protection against this type of attack.
DoubleClickjacking is a technique that allows attackers to bypass protections on major websites by leveraging a double-click sequence, exploiting timing differences between mousedown and onclick events. This new variation of clickjacking attacks has been identified as a significant threat to online security, with the potential to facilitate account takeovers and manipulate users into making unauthorized actions.
The DoubleClickjacking technique involves opening a new window through a button or automatically on a webpage, which then prompts a double-click, while redirecting the parent window to the target page. This allows attackers to trick users into authorizing malicious apps via OAuth, often leading to immediate account takeovers. The technique can also manipulate users into making unauthorized account changes, such as altering security settings or confirming transactions.
According to Paulos Yibelo, the researcher who published proof-of-concept (PoC) code for the attack along with a series of video PoCs demonstrating it, "DoubleClickjacking is a sleight of hand around a well-known attack class." He concludes: "By exploiting the event timing between clicks, attackers can seamlessly swap out benign UI elements for sensitive ones in the blink of an eye. Developers and security teams should tighten their control over embedded or opener-based windows. Be vigilant about all forms of clickjacking, even multi-click patterns."
To mitigate this new threat, administrators can keep critical buttons disabled until a mouse gesture or key press is detected on the page. Other solutions include browser vendors adopting new standards like X-Frame-Options to protect against this class of attack.
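The gesture-gated button described above, as an added defensive example (this is not the article's code or Yibelo's PoC): a sensitive control stays disabled until the page itself has seen a mousemove or keydown, so a click that arrives immediately after the window swap lands on a disabled control. `guardSensitiveButton` is written against the DOM `addEventListener` API; `MiniTarget`, `makeEvent` and `runTimeline` are constructed stand-ins so the logic can be exercised without a browser.

```javascript
// Sensitive button stays disabled until a genuine user gesture is seen on THIS
// page. In a DoubleClickjacking sequence the target page is swapped in between
// the mousedown and the click of a double-click, so the click arrives before
// any mousemove/keydown could arm the button.
function guardSensitiveButton(button, doc) {
  let armed = false;
  const honoured = [];                 // audit trail: true = action ran
  button.disabled = true;              // disabled by default
  const arm = () => { armed = true; button.disabled = false; };
  doc.addEventListener('mousemove', arm);
  doc.addEventListener('keydown', arm);
  // Capture-phase guard: even if something re-enables the control, a click
  // that arrives before any gesture is swallowed and never reaches the action.
  button.addEventListener('click', (ev) => {
    if (!armed) {
      ev.preventDefault(); ev.stopImmediatePropagation(); honoured.push(false); return;
    }
    honoured.push(true);               // sensitive action (e.g. approving an OAuth grant) goes here
  }, true);
  return { isArmed: () => armed, honoured };
}

class MiniTarget {                     // constructed minimal EventTarget stand-in
  constructor() { this.listeners = {}; this.disabled = false; }
  addEventListener(type, fn) { (this.listeners[type] = this.listeners[type] || []).push(fn); }
  dispatchEvent(ev) { (this.listeners[ev.type] || []).forEach((fn) => fn(ev)); }
}

function makeEvent(type) {             // constructed minimal Event stand-in
  return { type, defaultPrevented: false,
           preventDefault() { this.defaultPrevented = true; },
           stopImmediatePropagation() {} };
}

// Replays a sequence of event names against a guarded button and reports which
// clicks were honoured: 'mousemove'/'keydown' go to the document, 'click' to the button.
function runTimeline(events) {
  const doc = new MiniTarget();
  const button = new MiniTarget();
  const guard = guardSensitiveButton(button, doc);
  for (const type of events) {
    (type === 'click' ? button : doc).dispatchEvent(makeEvent(type));
  }
  return { honoured: guard.honoured, armed: guard.isArmed(), disabled: button.disabled };
}

// Constructed timelines: a click landing right after the page swap vs. one preceded by a gesture.
console.log(runTimeline(['click']));              // { honoured: [false], armed: false, disabled: true }
console.log(runTimeline(['mousemove', 'click']));  // { honoured: [true], armed: true, disabled: false }
```

In a real browser a disabled button does not dispatch click events at all, so the capture-phase handler is a second line of defence rather than the primary one.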
In recent weeks, major websites have been affected by DoubleClickjacking attacks, with the potential to facilitate account takeovers and manipulate users into making unauthorized actions. The technique has been identified as a significant threat to online security, with the potential to compromise user accounts and sensitive data.
DoubleClickjacking is a new variation of clickjacking attacks that exploits timing differences between mousedown and onclick events to hijack user actions. By swiftly swapping windows during a double-click, attackers redirect clicks to sensitive targets, like OAuth prompts, without relying on popunder tricks. This allows attackers to bypass protections on major websites and manipulate users into making unauthorized actions.
The technique has been identified as a significant threat to online security, with the potential to compromise user accounts and sensitive data. Yibelo, who published proof-of-concept (PoC) code for the attack along with a series of video PoCs demonstrating it, explains: "DoubleClickjacking is a new variation on this classic theme: instead of relying on a single click, it takes advantage of a double-click sequence. While it might sound like a small change, it opens the door to new UI manipulation attacks that bypass all known clickjacking protections, including the X-Frame-Options header or a SameSite: Lax/Strict cookie."
The attack has been identified as a significant threat to online security, with the potential to compromise user accounts and sensitive data. The technique exploits timing differences between mousedown and onclick events to hijack user actions, allowing attackers to bypass protections on major websites and manipulate users into making unauthorized actions.
Related Information:
https://securityaffairs.com/172572/hacking/doubleclickjacking-clickjacking-on-major-websites.html
Published: Thu Jan 2 12:51:07 2025 by llama3.2 3B Q4_K_M