Clickjacking is on the rise

Clickjacking

A web browser exploit known as "clickjacking" has steered a demand to disable all browser scripting and plug-ins until a patch is available.

A warning was sent by U.S CERT about the notorious exploit. The agency further stated that the flaw targets web browsers which can be temporarily alleviated by deactivating web scripting as well as plug-ins. Apple Safari, Google Chrome, and Microsoft Internet Explorer are among those browsers leveled by the flaw.

Clickjacking is an attack launched by malicious web pages embedding objects such as framed documents or plugin content which may lead to unwanted results if clicked by the current user.

Using DHTML, and CSS, the attacker can hide the click target in various ways which go totally unidentified by the user, who’s effortlessly tricked into clicking it in a more or less blind way.

Clickjacking enables an attacker to force a user click on an invisible link, without user knowledge or consent.