
Expert Shows How Hackers Can Use CSRF Browser Vulnerability

March 31, Softpedia – (International) Expert shows how hackers can use CSRF browser vulnerability. The hacker who broke into GitHub to demonstrate a vulnerability warns that cross-site request forgery (CSRF), a security hole that affects all browsers, must be addressed immediately because it poses a great risk for unsuspecting users. He claims CSRF security holes have been present for a long time, but many underestimated the dangers hiding behind them. Unlike cross-site scripting attacks, which exploit the trust of a user towards a particular site, CSRF attacks rely on the trust that a site has in a browser. The expert explains that when users sign in to any site, dubbed by the researcher as, they are remembered by the cookie mechanism. By leveraging the vulnerability, the hacker can shorten the Web site’s session and social-engineer the victim into signing in again. The user signs in the second time and a malicious script is triggered. Then, when the user visits a second site, named, the exploit begins.



Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.