Wednesday, 29 November 2017


Illegally seeking control of a website by taking over a domain is known as Web Jacking. It is similar to Hi-jacking. In this, actual website is never touched. Instead DNS is compromised.
In these kinds of offences the hacker gains access and control over the web site of another. The hacker may even mutilate or change the information on the site. This may be done for fulfilling political objectives or for money. E.g. recently the site of MIT (Ministry of Information Technology) was hacked by the Pakistani hackers and some obscene matter was placed therein. Further the site of Bombay crime branch was also web jacked. Another case of web jacking is that of the ‘gold fish’ case. In this case the site was hacked and the information pertaining to gold fish was changed. Further a ransom of US $ 1 million was demanded as ransom. Thus web jacking is a process whereby control over the site of another is made backed by some consideration for it.
The Web Jacking Attack Vector is another phishing technique that can be used in social engineering engagements. Attackers that are using this method are creating a fake website and the victim opens the link a page appears with the message that the website has moved and they need to click another link. If the victim clicks the link that looks real he will be redirected to a fake page.
The purpose of this attack is to try to harvest the credentials of users by using a webpage with a valid link which when someone opens that link a new fake page is loading. It is a quite interesting technique that ties to trick the user to believe that the webpage is real because the link is valid.

Users must be aware of this type of attack especially when they are visiting a webpage that contains similar messages about websites or objects that have moved to new locations.

Renu Yadav
Assistant Professor

No comments:

Post a Comment