He calls the technique "cookiejacking", as it relies on the cookie information stored by the web browser to keep users access credentials and other information for certain websites. Depending on many conditions, stealing cookie credentials (which is by no means a new attack method) could allow a hacker to access the account of a victim on a certain website.
In this case, the Italian researcher, Rosario Valotta, finds that to exploit the flaw, you need to persuade a victim to click an item in the browser, drag it and then drop it somewhere. While it sounds like a difficult task, Valotta put it to test with his Facebook account with surprising results.
He built a puzzle which allows a user to use their pointer to undress a photo of an attractive woman. The drag/drop motion needed by the puzzle is enough to exploit the flaw in IE.
"I published this game online on FaceBook and in less than three days, more than 80 cookies were sent to my server," he said. "And I've only got 150 friends."
Microsoft is aware of the problem but it is not considering it high risk, due to the level of user interaction required and other factors, such as the need to target cookies from the website a user has already logged into.
Written by: James Delahunty @ 26 May 2011 15:04
