The malicious Russian Tor exit node, which was claimed to be patching binary files, is actually distributing a malware program to launch cyber-espionage attacks against European government agencies.The group behind the rogue Tor exit node had likely been infecting files for more than a year, causing victims to download and install a backdoor file that gave hackers full control of their systems.Last month Josh Pitts of Leviathan Security Group uncovered a malicious Tor exit node that wraps Windows executable files inside a second, malicious Windows executable. But when Artturi Lehtiö of F-Secure carried out an in-depth research, he found that the exit node was actually linked to the notorious Russian APT family MiniDuke. Continue reading
A newly detected critical Vulnerability in the Fiverr.com has put up to millions of its users at the risk of being hacked and scammed.An independent Security researcher Mohamed Abdelbaset from Egypt discovered a critical CSRF Vulnerability in the Fiverr.com which allows a attacker to hack any user account available on the Fiverr
Fiverr is a global online marketplace offering tasks and services, beginning at a cost of $5 per job performed,from which it gets its name. The site is primarily used by freelancers who use Fiverr to offer a variety of different services, and by customers
who are interested in buying those services.
What is CSRF?
Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the websitetrusts.
Abdelbaset Showed the proof of concept in a video which is given below:
- Attacker sends a link to the exploit page(webpage specially designed by the attacker).
- When the Victim clicks the link his current email associated with the fiverr. com gets replaced with the email Attacker coded in his exploit page.
- Attacker gains full access to the victim’s Account.
Fiverr which is very popular with freelancers, had recently raised $30 million in a Series C round of funding to continue supporting the new version of its marketplace. The Company however seems to be less worried about security from cyber threats and has not taken any steps to fix the vulnerability when reported by the researcher. As of now Fiverr is vulnerable to the CSRF vulnerability, now however with the vulnerability being placed in public domain, we as well as Fiverr users can expect a quick patch/fix for the mentioned vulnerability.