New SVG technique enables highly interactive clickjacking attacks
A security researcher has unveiled a novel web exploitation technique dubbed “SVG clickjacking,” which significantly elevates the sophistication of traditional user-interface redress attacks.
Unlike standard clickjacking, which typically involves tricking users into clicking a hidden button on a static overlay, this new method allows attackers to create complex, responsive, and highly interactive fake interfaces that sit on top of legitimate websites.
The core of this technique lies in the creative misuse of Scalable Vector Graphics (SVG) filters.
Read more at GB Hackers