all InfoSec news
MetaMask - stealing ETH by exploiting clickjacking - $120,000 bug bounty
June 28, 2022, 1:03 p.m. | Bug Bounty Reports Explained
Bug Bounty Reports Explained www.youtube.com
📧 Subscribe to BBRE Premium: https://bbre.dev/premium
📣 Follow me on twitter: https://bbre.dev/tw
This video an explanation of a clickjacking bug in MetaMask that allowed the attacker to steal victim's Ethereum with a few clicks. Metamask paid $120,000 bug bounty for it to United Global Whitehat Security Team (UGWST), including René Kroka and José Almeida.
PoC code: https://bbre.dev/mm-poc
🖥 Get $100 in credits for Digital Ocean: https://bbre.dev/do
Timestamps:
00:00 Intro
00:47 What is …
bounty bug bug bounty clickjacking eth exploiting metamask stealing
More from www.youtube.com / Bug Bounty Reports Explained
HTTP Multiline headers #bugbounty #bugbountytips #bugbountyhunter
1 week, 5 days ago |
www.youtube.com
Browser-powered desync #bugbounty #bugbountytips #bugbountyhunter
1 week, 6 days ago |
www.youtube.com
Client-side path traversal #bugbounty #bugbountytips #bugbountyhunter
1 month, 1 week ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Cyber Security Engineer
@ ASSYSTEM | Bridgwater, United Kingdom
Security Analyst
@ Northwestern Memorial Healthcare | Chicago, IL, United States
GRC Analyst
@ Richemont | Shelton, CT, US
Security Specialist
@ Peraton | Government Site, MD, United States
Information Assurance Security Specialist (IASS)
@ OBXtek Inc. | United States
Cyber Security Technology Analyst
@ Airbus | Bengaluru (Airbus)