Tracking pixels can conduct surveillance for targeted attacks
Razer
g2s at riseup.net
Tue Apr 18 11:38:25 PDT 2017
> Malicious hackers can use tracking pixels to help them gather
> intelligence for attack campaigns, both mass and targeted in scope.
>
> Digital marketing firms have long used tracking pixels (longer than
> they've been using the Battery Status API, at least) to analyze email
> and web marketing campaigns. These pixels are image files that are
> usually just one pixel in size, a design which prevents users from
> noticing them in most cases.
>
> With code as simple as <img
> src=”http://example.com/cgi-bin/program?e=email-address”>, the
> marketing tools ping a website whenever someone downloads an image.
>
> Tracking pixels can do more than just provide notice of someone
> engaging with a media file. They can also gather information about a
> user including their IP address, operating system, web browser and
> send it to a designated email address. The operator of that address
> can then use that information to fine-tune an advertising campaign.
>
> Unfortunately, tracking pixels don't just help advertisers. Attackers
> can also abuse them to carry out malicious campaigns.
>
> Donald Meyer of Check Point elaborates on this misuse of tracking
> pixels in a blog post:
>
More:
https://www.grahamcluley.com/tracking-pixels-can-conduct-surveillance-targeted-attacks/
More information about the cypherpunks
mailing list