Apparently Adobe has fixed the bug I’ve found that enables a swf file to crash the browser, with the last version of the Flash Player (9,0,115,0). I don’t know if it’s related to my post, but, anyway it’s good that it’s been fixed.
Since it’s already fixed, I just want to give an example of how this could have been exploited with a little Social Engineering. This example might look stupid to you and you would have never fall for it but remember, first, it’s only an idea, the real attacker might be more creative, second, some Internet users are far from savvy and might fall for crazier stuff then this.
In this example, the naive user will reach a web site with this text: “I’ve installed a virus on your windows machine and now have full control of it and your FireFox browser. You have exactly 1:00 minute to donate 10$ to my account, click here to donate. If you fail to donate in the appropriate time I will disable your browser for a few minutes. This will be your first and last warning. Afterwards you have exactly 10 minutes to return to this page and complete your donation or your system and personal data will be compromised and damaged permanently. The only way you can remove the virus from your machine is to donate from this page”.
The details like OS and browser will be interchangeable with the real user spec. The user will see the 1:00 minute timer counting, when it’ll reach 0:00, boom! the browser crashes using the Flash bug, if the user try to close the browser or the tab, Javascript’s onbeforeunload can be used to crash the browser and also add some scary alert.
[js]window.onbeforeunload = function()
{
//flash.kill();
return “If you leave this page without donating your system will be lost!!!”;
}[/js]
Some of the users will have enough fear in them to return and donate to the attackers PayPal account. Sound crazy?! Some have been known to fall for crazier phishing tricks. I personally know a few. Take care of the dummies near you.