Browser Find toolbar phishing attack

Added: 02/25/2012

Background

This tool serves a page claiming to be a list of stolen passwords. When a user sees this list, the most common response is to validate the claim by opening a Find box (Ctrl-F) and searching for his or her own password. The tool intercepts the Ctrl-F keypress and opens a fabricated Find toolbar which captures the user's query. It also adds the query term to the list of passwords and highlights it.
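For reviewers of web content, the Ctrl-F interception described above can be looked for statically. The following is an added example, not code from the tool or its vendor: a heuristic that flags inline scripts which handle key events, test for Ctrl/Cmd+F, and suppress the browser default. The function names and sample pages are constructed for illustration, and because legitimate web applications also override Ctrl-F, a hit is a lead for manual review rather than a verdict.

```javascript
// Added example: static heuristic for reviewing a page's inline scripts.
// A script is flagged only when it (1) handles key events, (2) tests for
// Ctrl/Cmd+F, and (3) suppresses the browser's default action.
const KEY_EVENT = /\bon(?:keydown|keypress|keyup)\b|['"]key(?:down|press|up)['"]/;
const MODIFIER = /\b(?:ctrlKey|metaKey)\b/;
const KEY_F = /\b(?:keyCode|which)\s*={2,3}\s*70\b|\b(?:key|code)(?:\.toLowerCase\(\))?\s*={2,3}\s*['"](?:f|F|KeyF)['"]/;
const SUPPRESS = /\bpreventDefault\s*\(|\breturnValue\s*=\s*false\b|\breturn\s+false\b/;

function checkScript(source) {
  const reasons = [];
  if (KEY_EVENT.test(source)) reasons.push('key-event-handler');
  if (MODIFIER.test(source) && KEY_F.test(source)) reasons.push('ctrl-f-check');
  if (SUPPRESS.test(source)) reasons.push('default-suppressed');
  return { suspicious: reasons.length === 3, reasons };
}

// Extract each inline <script> body and return the ones that match all three.
function scanHtml(html) {
  const findings = [];
  const scriptRe = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  let match, index = 0;
  while ((match = scriptRe.exec(html)) !== null) {
    const result = checkScript(match[1]);
    if (result.suspicious) findings.push({ script: index, reasons: result.reasons });
    index += 1;
  }
  return findings;
}

// Constructed samples (not taken from the tool). showPanel and saveDraft are
// hypothetical names.
const SAMPLE_FIND_OVERRIDE = `<html><body><script>
document.addEventListener('keydown', function (e) {
  if (e.ctrlKey && e.keyCode === 70) { e.preventDefault(); showPanel(); }
});
</script></body></html>`;

const SAMPLE_SAVE_SHORTCUT = `<html><body><script>
document.addEventListener('keydown', function (e) {
  if (e.ctrlKey && e.key === 's') { e.preventDefault(); saveDraft(); }
});
</script></body></html>`;

console.log(scanHtml(SAMPLE_FIND_OVERRIDE)); // one finding
console.log(scanHtml(SAMPLE_SAVE_SHORTCUT)); // no findings
```

The check only sees inline script text; externally loaded or obfuscated scripts need to be fetched and normalised before scanning.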

Limitations

The exploit works in Internet Explorer, Firefox, and Google Chrome.

The target must be present in the license key, but it is unused.