A 'proof-of-concept game' turns PC into undercover surveillance zombie

A blogger has created a proof-of-concept game (based on clickjacking vulnerability) — that uses a PC's video cam and microphone to secretly spy on the player. The demo appears to be a simple game that tests how quickly a user can click on a series of moving targets. Behind the scenes, it combines a generic clickjacking attack with […]

A blogger has created a proof-of-concept game (based on clickjacking vulnerability) — that uses a PC's video cam and microphone to secretly spy on the player. The demo appears to be a simple game that tests how quickly a user can click on a series of moving targets. Behind the scenes, it combines a generic clickjacking attack with weaknesses in Adobe's Flash technology to record the player using the PC's video camera and microphone.

The proof of concept is a powerful demonstration of the spooky implications behind clickjacking. The vulnerability allows malicious webmasters to control the links visitors click on. Once lured to a booby-trapped page, a user may think he's clicking on a link that leads to Google - when in fact it takes him to a money transfer page, a banner ad that's part of a click-fraud scheme, or any other destination the attacker chooses.

Full Article

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.