Hacker sells XSS-exploit Yahoo Mail for $ 700

Posted: November 23, 2012 in IT Security News
Tags: , ,

Hackers attackXSS-ekploit steals user cookies to log in to your account up and running in all the web-browsers.

Egyptian hacker sells XSS-exploit Yahoo! Mail for $ 700. Hacker published “promotional” video, which clearly demonstrates the effect of the exploit users. A copy of the video made by Brian Krebs, and placed it on the resource YouTube.

By recording says that XSS-ekploit steals user cookies to log in to your account and works in all the web-browsers.

“I sell XSS-exploit Yahoo, who steals cookies to log in to your email account users and works on all browsers, – the hacker. – You do not need to bypass the XSS-filters in IE or Chrome, as ekploit uses stored XSS-vulnerability. Prices for these exploits range from $ 1100 to $ 1500, while I offer it for $ 700. Selling only to trusted people, because I do not want to dent fixed soon. “


Brian Krebs reported on his blog that he was associated with the Yahoo!, who said that analyze the information. Company experts are trying to find the exact URL-address, which triggers the exploit.

“Correct gap is easy because most XSS eliminated by simply replacing the code. When we find a vulnerable URL-address we will be able in a few hours to run the new code, “- said Ramses Martinez, head of security Yahoo!.

Links:

http://krebsonsecurity.com/2012/11/yahoo-email-stealing-exploit-fetches-700/

http://news.softpedia.com/news/Hacker-Sells-Yahoo-Mail-Zero-Day-for-700-550-Video-309205.shtml

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s