
Real‐world Example of a Tab Nabbing Attack

Raydo Matthee edited this page Jun 16, 2024 · 2 revisions


Share a real-world example or case study of a tab nabbing attack to illustrate the importance of rel="noopener noreferrer". Explain how the attack was carried out, its impact, and how it could have been prevented with the correct use of this attribute.


Tabnabbing Attack Example

Imagine Sarah, a user, is browsing her favorite social media platform. She opens a link to an interesting article in a new tab. While reading the article, she gets distracted and switches to another tab. Meanwhile, the malicious website she opened earlier quietly changes its content to mimic the login page of the social media platform. When Sarah returns to the tab, she assumes she has been logged out, takes the page for the legitimate login form, and enters her credentials. Unfortunately, those credentials go straight to the attacker (source: https://www.freecodecamp.org/news/what-is-tabnabbing/).

Example: Sarah’s credentials are stolen due to the malicious tab nabbing attack.

How the Attack Works

Tabnabbing attacks exploit a gap in what the same-origin policy isolates: the policy stops one origin from reading another's content, but a page that holds a handle to another window is still allowed to navigate that window to a new URL. Here are the common ways this attack can occur:

  • Malicious Page Opening a Window:
    • The attacker’s website opens a new window or tab via window.open.
    • After some time, the attacker redirects the opened window to their malicious page.
    • For example:
<syntaxhighlight lang="javascript">
// Runs on the attacker's page, which keeps a handle to the tab it opened.
var windowHandle = window.open('https://goodsite.example');
// ... later, once the user has stopped watching that tab, the handle is used
// to navigate it somewhere else.
windowHandle.location.replace('https://hacked.example');
</syntaxhighlight>
  • Good Site Opening a Window:
    • Your website opens a new window or tab via window.open.
    • The malicious website can then get a handle to your website’s window using window.opener.
    • For example:
<syntaxhighlight lang="javascript">
// On your site: the third-party page is opened without the 'noopener' feature.
window.open('https://evil.example');
// ...
// On the opened page: window.opener refers to your (now background) tab,
// which can therefore be navigated away from your site.
window.opener.location.replace('https://hacked.example');
</syntaxhighlight>
  • Links with target="_blank":
    • If you link to a malicious website with target="_blank", it opens in a new tab/window.
    • The linked website can refer to the previous window via window.opener.
    • For example:
<syntaxhighlight lang="html">
<!-- No rel="noopener": the new tab receives a window.opener handle to this page. -->
<a href="https://hacked.example" target="_blank">Click here</a>
</syntaxhighlight>
  • Frames (e.g., Advertisements):
    • If your website loads another website in an iframe (e.g., advertisements), the malicious website in the frame can get a handle to the parent window using window.parent.
    • For example:
<syntaxhighlight lang="html">
<!-- An unsandboxed third-party frame; its document can reach window.parent. -->
<iframe src="https://malicious-ad.example"></iframe>
</syntaxhighlight>

Prevention Measures

To prevent tabnabbing attacks, use the rel="noopener noreferrer" attribute when opening links in new tabs/windows. This attribute ensures that the new window/tab cannot access the original window (window.opener is null), protecting users from such phishing attempts. Always apply it to links that open external content in a new tab (reference: https://www.appsecmonkey.com/blog/tabnabbing). Two practical notes: current browsers already treat target="_blank" as if noopener were set, but the explicit attribute still protects users on older browsers, and calls to window.open need the 'noopener' window feature since rel does not apply to them; for embedded third-party content, the iframe sandbox attribute (without allow-top-navigation) stops the framed page from navigating the parent window.
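As an added example (not part of the original wiki page), here is a small check a site owner can run over their own HTML templates: it finds target="_blank" anchors whose rel attribute lacks noopener and rewrites them with rel="noopener noreferrer". The SAMPLE_HTML markup is constructed for the demonstration, and the attribute parsing is regex-based, so it assumes simple, well-formed tags.

```javascript
// Regex for an opening <a ...> tag and for individual name="value" attributes.
const ANCHOR_RE = /<a\b([^>]*)>/gi;
const ATTR_RE = /([\w:-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;

// Parse one tag's attribute text into a plain object (names lowercased).
function parseAttrs(attrText) {
  const attrs = {};
  for (const m of attrText.matchAll(ATTR_RE)) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

// True when the anchor opens a new tab but keeps the window.opener handle.
function isUnsafeBlankLink(attrs) {
  if ((attrs.target || '').toLowerCase() !== '_blank') return false;
  const tokens = (attrs.rel || '').toLowerCase().split(/\s+/);
  return !tokens.includes('noopener');
}

// Report every unsafe target="_blank" anchor together with its href.
function findUnsafeBlankLinks(html) {
  const findings = [];
  for (const m of html.matchAll(ANCHOR_RE)) {
    const attrs = parseAttrs(m[1]);
    if (isUnsafeBlankLink(attrs)) findings.push({ tag: m[0], href: attrs.href || '' });
  }
  return findings;
}

// Rewrite unsafe anchors to carry rel="noopener noreferrer", preserving any
// rel tokens (such as "nofollow") that were already there.
function fixUnsafeBlankLinks(html) {
  return html.replace(ANCHOR_RE, (tag, attrText) => {
    const attrs = parseAttrs(attrText);
    if (!isUnsafeBlankLink(attrs)) return tag;
    const tokens = new Set((attrs.rel || '').split(/\s+/).filter(Boolean));
    tokens.add('noopener');
    tokens.add('noreferrer');
    const withoutRel = attrText.replace(/\s*\brel\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+)/i, '');
    return `<a${withoutRel} rel="${[...tokens].join(' ')}">`;
  });
}

// Constructed sample: one unsafe link, one already hardened, one same-tab link.
const SAMPLE_HTML = [
  '<a href="https://hacked.example" target="_blank">Click here</a>',
  '<a href="https://goodsite.example" target="_blank" rel="noopener noreferrer">Docs</a>',
  '<a href="/about">About</a>',
].join('\n');
```

Running findUnsafeBlankLinks(SAMPLE_HTML) reports only the first link, and fixUnsafeBlankLinks(SAMPLE_HTML) returns markup in which that link now carries rel="noopener noreferrer".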

Remember: A little precaution can go a long way in protecting users from such attacks! 😊