wasc-whid@lists.webappsec.org

WASC Web Hacking Incidents Database

View all threads

WHID 2011-26: Tunisian government harvesting usernames and passwords

WW
WASC Web Hacking Incidents Database
Wed, Jan 26, 2011 7:49 PM

WHID 2011-26: Tunisian government harvesting usernames and passwords

Entry Title: WHID 2011-26: Tunisian government harvesting usernames and
passwords
WHID ID: 2011-26
Date Occurred: January 4, 2011
Attack Method: Content Injection
Application Weakness: Insufficient Transport Layer Protection
Outcome: Stolen Credentials
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: The Tunisian Internet Agency (Agence tunisienne
d'Internet or ATI) is being blamed for the presence of injected JavaScript
that captures usernames and passwords. The code has been discovered on login
pages for Gmail, Yahoo, and Facebook, and said to be the reason for the
recent rash of account hijackings reported by Tunisian protesters.
Mass Attack: No
Reference:
http://www.thetechherald.com/article.php/201101/6651/Tunisian-government-har
vesting-usernames-and-passwords
Attack Source Geography:
Attacked System Technology: GMail

WHID 2011-26: Tunisian government harvesting usernames and passwords Entry Title: WHID 2011-26: Tunisian government harvesting usernames and passwords WHID ID: 2011-26 Date Occurred: January 4, 2011 Attack Method: Content Injection Application Weakness: Insufficient Transport Layer Protection Outcome: Stolen Credentials Attacked Entity Field: Web 2.0 Attacked Entity Geography: Incident Description: The Tunisian Internet Agency (Agence tunisienne d'Internet or ATI) is being blamed for the presence of injected JavaScript that captures usernames and passwords. The code has been discovered on login pages for Gmail, Yahoo, and Facebook, and said to be the reason for the recent rash of account hijackings reported by Tunisian protesters. Mass Attack: No Reference: http://www.thetechherald.com/article.php/201101/6651/Tunisian-government-har vesting-usernames-and-passwords Attack Source Geography: Attacked System Technology: GMail
WW
WASC Web Hacking Incidents Database
Fri, May 20, 2011 5:18 PM

For those of you who did not see my tweet ­ looks like DabbleDB has shut
down operations - http://www.dabbledb.com/.  We were using this for the WHID
DB data and for generating the Stats/Search interfaces on the project site.
I am currently trying to get a export of the DB and then will be migrating
it to another site.  I am currently looking at Google Fusion Charts -
http://www.google.com/fusiontables/Home.  This looks promising as we need a
site that has good capabilities for data search and visualization.

I will notify the community when we are back up and running.  In the
meantime, there will probably be a slowdown on WHID entries.

-Ryan Barnett
WASC Web Hacking Incident Database (WHID) Project Leader

For those of you who did not see my tweet ­ looks like DabbleDB has shut down operations - http://www.dabbledb.com/. We were using this for the WHID DB data and for generating the Stats/Search interfaces on the project site. I am currently trying to get a export of the DB and then will be migrating it to another site. I am currently looking at Google Fusion Charts - http://www.google.com/fusiontables/Home. This looks promising as we need a site that has good capabilities for data search and visualization. I will notify the community when we are back up and running. In the meantime, there will probably be a slowdown on WHID entries. -Ryan Barnett WASC Web Hacking Incident Database (WHID) Project Leader