“Tricking a web-userinto clicking on somethingdifferent to what he / she meant”
And it Exploits…Social platforms (Fb, Twitter, G-plus etc)PPC – based platforms (Banners, Adsense, AffiliateNetworks)Computers, Browsers etc. to download malicious files, apps,software.And probably more.
With Clickjacking you can…Get more facebook fans/likes, twitter followers, google pluses,youtube subscribers and more.Make more by improving CTR of CPC-based platforms, i.e.generate more banner clicksForce web-users to download malicious files, apps, softwareTake over the world
Facebook Like Manipulation (1):Get as many Facebook-fanpage likes as possible.
Facebook Like Manipulation (2): Use the facebook like trigger to spread the rumor.Force users to share your urls (aff, malicious, files)
Facebook Like Manipulation (3):Convert your Facebook like button to an innocent banner
Google Plus Manipulation:Rank your Youtube videos shortly in Google Serps
Google Adsense Manipulation:Generate more Adsense ads’ clicks, unconsciously
Looks cool. What about live examples?Take a Look: Google Adsense Exploit: DemoMouse-cursor Overall Exploit: DemoFacebook-like Trapped Banner: DemoFake Cursor Exploit: Demo
Spooky… How can we avoid getting clickjacked?You should… Watch Out Your Clicks
Thanks For Listening By Sagi Kahalany | www.black-jack.co.il