
Comment by spullara

13 years ago

I did this experiment by bitsquatting all the domains around cloudfront.net after hearing about it from DEF CON. It works. You basically have the opportunity to replace the JavaScript of tons of sites. I simply served 404s. What was really interesting to me was the varied places where the corruption occurs. Some of the requests even have the correct Host header. Now you know why the old PC was so flaky!

I've started thinking about all those banks [1] and other pages serving like/tweet buttons on the login page.

Or pages including Google Analytics. If the described behaviors really take place, given the massive scale of deployment of Google Analytics, Statcounter, FB buttons, jQuery includes from CDNs, you should be able to do arbitrary JS injections to a non-trivial number of users (though very random).

[1] http://my.opera.com/hallvors/blog/2012/05/11/social-media-ba...
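
A detection sketch for the behaviour discussed in the comment above, added here as an example and not code from the commenter: it scans resolver query names (not HTTP Host headers, which the comment notes can still be correct) for domains exactly one bit away from a trusted script host. The `TRUSTED` list, the log format and the sample lines are assumptions constructed for illustration.

```python
"""Flag observed hostnames whose domain is one bit flip from a trusted one."""

# Assumption: the domains this site intentionally loads scripts from.
TRUSTED = ("cloudfront.net", "google-analytics.com")


def flipped_bits(a, b):
    """Hamming distance in bits between two equal-length strings."""
    return sum(bin(ord(x) ^ ord(y)).count("1") for x, y in zip(a, b))


def bitsquat_of(host, trusted=TRUSTED):
    """Return the trusted domain that `host` is a one-bit corruption of, else None."""
    # DNS names are case-insensitive, so a flip of bit 0x20 in a letter
    # still resolves to the real domain; lowercasing ignores those flips.
    host = host.rstrip(".").lower()
    for good in trusted:
        tail = host[-len(good):]
        if len(tail) != len(good):
            continue  # host is shorter than the trusted domain
        # The tail must be the whole name or begin at a label boundary.
        boundary = len(host) == len(good) or host[-len(good) - 1] == "."
        if boundary and flipped_bits(tail, good) == 1:
            return good
    return None


def scan(log_lines, trusted=TRUSTED):
    """Return [(queried_name, trusted_domain)] for every suspicious log line."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 3:
            continue  # malformed line
        match = bitsquat_of(fields[2], trusted)
        if match:
            hits.append((fields[2], match))
    return hits


# Constructed sample resolver log: "<timestamp> <client> <queried name>"
SAMPLE_LOG = [
    "2012-07-30T10:00:01Z 10.0.0.5 d1abc.cloudfront.net",
    "2012-07-30T10:00:02Z 10.0.0.7 d1abc.clnudfront.net",      # 'o' -> 'n', one bit
    "2012-07-30T10:00:03Z 10.0.0.7 D1ABC.CLOUDFRONT.NET",      # case only, harmless
    "2012-07-30T10:00:04Z 10.0.0.9 www.foogle-analytics.com",  # 'g' -> 'f', one bit
    "2012-07-30T10:00:05Z 10.0.0.9 cdn.cloudfront.met",        # 'n' -> 'm', two bits
]

if __name__ == "__main__":
    for name, good in scan(SAMPLE_LOG):
        print(f"{name} is one bit away from {good}")
```
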