Pages Menu
Categories Menu

Posted by on Dec 12, 2012 in Software |

Internet Explorer: discovered vulnerability that threatens the virtual keyboards

12-13-2012 12-51-45 AM

Many sites that handle sensitive information or are related to financial transactions, such as the online platform of any company or of course, banks are making it easier for people who want to access them a virtual keyboard with the intention that, by not be typing anything, can not be registered any account information or passwords of people, either by hackers or malicious software vigil, which is commonly known as a “keylogger”. However, a new vulnerability discovered by a company dedicated to the development of web analytics programs, would jeopardize the virtual keyboards.

As seen in the demo video above, this vulnerability would allow a hacker to record all movements made by the user’s mouse or mouse, so when we use one of these virtual keyboards as common in the web of our banks, also could be a record of the password that we entered to access the platform.

The vulnerability has been discovered by the company Spider.io that, as mentioned earlier, is dedicated to developing software for web analytics applications. The worst part is that the vulnerability has been discovered in from version 6 to 10, so to be talking about one of the most widely used web browsers in the world (if not the most used) , presents a significant risk to any person.

However, we must take into account that this is much more complicated than it sounds, since the malicious person who attempts to secure the password or data that we are introducing a virtual keyboard, you have to know exactly who we’re visiting website as well The security system of banks and platforms with sensitive information often change position keys on the virtual keyboard, like many of us we will have proven, so the task for the hacker it becomes much more difficult.

One curious and criticism is that although the Spider.io claim to have notified in the month of October this failure, have not been resolved or have made an official statement on the matter.

Tags: , , ,