Twitter, Hotmail, LinkedIn, Yahoo Open To Hijacking

Twitter, Hotmail, LinkedIn, Yahoo Open To Hijacking 50

Posted by Soulskill on Friday March 22, 2013 @10:19AM from the another-day-another-way-to-steal-data dept.

mask.of.sanity writes "Twitter, Linkedin, Yahoo! and Hotmail accounts are open to hijacking thanks to a flaw that allows cookies to be stolen and reused. Attackers need to intercept cookies while the user is logged into the service because the cookies expire on log-out (except LinkedIn, which keeps cookies for three months). The server will still consider them valid. For the Twitter attack, you need to grab the auth_token string and insert it into your local Twitter cookies. Reload Twitter, and you'll be logged in as your target (video here). Not even password changes will kick you out."

Twitter, Hotmail, LinkedIn, Yahoo Open To Hijacking

Search 50 Comments Log In/Create an Account

Comments Filter:

Hotmail (Score:5, Funny)

by thepike ( 1781582 ) writes: on Friday March 22, 2013 @10:23AM (#43246243)

Hotmail still exists?

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Twitter, Hotmail, LinkedIn, Yahoo Open To Hijacking 50

Twitter, Hotmail, LinkedIn, Yahoo Open To Hijacking More Login

Twitter, Hotmail, LinkedIn, Yahoo Open To Hijacking

Hotmail (Score:5, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot