Unbelievable! Working and Active Exploit on citibank.com and Many Other Sites

Thursday, June 22nd, 2006

Updated: July 15th, 2006

Edit: this has now been fixed, but I'm sure many sites are still vulnerable.

Here's the link: click here

Unbelievable! This exploit is claimed to exist on 250+ sites. Here's the quote from the guy who found it:

"Look by yourself - this is how citibank.com cares about phishing and password theft. I reported it 20 hours ago. Nothing happened. Maybe it's time to make it public? It is an active link to working exploit, ready to send YOUR data from citibank.com domain to attacker's server - so dont give your real login and pass please."

Reported on digg.com.

Posted by Artem Russakovskii in Security

(No Ratings Yet)

Loading ...

Do NOT Use This Perl Module: Passwd::Unix
Comcast Unleashes PowerBoost On Uploads (woot!!111one)
MySQL Conference Liveblogging: Optimizing MySQL For High Volume Data Logging Applications (Thursday 2:50PM)
A Happy Weatherman?
About

M	T	W	T	F	S	S
« Mar				Jul »
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30

beer planet