The Akamai Blog

Last of OWASP's Top 10 Still a Potent Threat

Unvalidated redirects and forwards are the last item (A10 in the 2013 list) on the OWASP Top 10. An open redirect is Web application functionality that takes a destination URL from the request and sends the user there without validating it, so an attacker can use a trusted domain to bounce victims to an untrusted one. Because the link still carries the trusted host name, the issue is easy to dismiss as low severity. It is a potent problem nonetheless, as Akamai's Threat Research Team found while investigating an unusual malicious SEO campaign that abused Web applications' open redirect functionality.

In the campaign Akamai's Threat Research Team discovered and analyzed, the attackers abused the reputation of the redirecting Web applications to boost the search engine ranking of thousands of target sites: a search engine that follows a link through a trusted domain's redirect page credits the destination with a backlink from that domain. More recently, the team detected similar high-volume activity while reviewing questionable traffic across Akamai's Cloud Security Intelligence (CSI) network, and we suspect it is being run by the same attackers as a year ago.
The research verified 553 Web applications with working open redirect functionality; among them were applications belonging to Fortune 100 companies, government agencies, non-profit organizations and even a bank. Analyzing the redirecting pages of those 553 applications showed that 270 are also vulnerable to reflected cross-site scripting (XSS), which typically happens when the redirect target is written into the response body unescaped rather than sent as a validated Location header.
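The two sides of the problem, as an added example that is not part of the original post and not Akamai's code: a redirect page that echoes its target into HTML (both an open redirect and a reflected XSS sink), the link an SEO spammer would plant through it, and a hardened handler that reduces the target to a same-site path and answers with a server-side 302. The host names trusted.example and spam.example and the query parameter name url are assumptions made for the illustration.

```python
"""Open redirect and its reflected-XSS twin: a vulnerable redirect page next
to a hardened server-side redirect.  Example code added to this post, not
Akamai's tooling; trusted.example, spam.example and the parameter name "url"
are constructed for illustration."""
from urllib.parse import urlsplit, urljoin, quote

TRUSTED_HOST = "trusted.example"  # assumed host of the redirecting application


def vulnerable_redirect_page(target: str) -> str:
    """The pattern behind many redirect pages: the caller-supplied target is
    copied into the HTML unescaped.  Any URL is followed (open redirect), and
    a target that closes the attribute or the JS string literal runs as
    script in the trusted origin (reflected XSS)."""
    return ('<html><head><meta http-equiv="refresh" content="0;url=' + target + '">'
            '</head><body><script>window.location="' + target + '";</script>'
            '</body></html>')


def seo_abuse_link(redirect_page: str, spam_site: str) -> str:
    """The link the campaign plants: it names the trusted domain, so crawlers
    credit spam_site with a backlink from it, yet it resolves to spam_site."""
    return redirect_page + "?url=" + quote(spam_site, safe="")


def safe_redirect_target(target: str, trusted_host: str = TRUSTED_HOST) -> str:
    """Reduce a user-supplied redirect target to a same-site absolute path,
    falling back to "/" for anything that would leave trusted_host.
    Rejects other hosts, scheme-relative //host, backslash forms browsers
    read as //, userinfo tricks (trusted@evil) and non-http(s) schemes."""
    if not target:
        return "/"
    # Browsers treat "\" as "/" in URLs, so "/\evil.example" is //evil.example.
    candidate = target.replace("\\", "/")
    try:
        parts = urlsplit(candidate)
        if parts.scheme and parts.scheme.lower() not in ("http", "https"):
            return "/"  # javascript:, data:, vbscript: ...
        if parts.netloc and (parts.hostname or "").lower() != trusted_host:
            return "/"  # absolute URL or //host pointing elsewhere
        # Resolve relative forms against the trusted origin, then keep only
        # path, query and fragment so the response can never name another host.
        resolved = urlsplit(urljoin("https://%s/" % trusted_host, candidate))
        if (resolved.hostname or "").lower() != trusted_host:
            return "/"
    except ValueError:  # e.g. malformed IPv6 literal in the authority
        return "/"
    path = resolved.path if resolved.path.startswith("/") else "/" + resolved.path
    if resolved.query:
        path += "?" + resolved.query
    if resolved.fragment:
        path += "#" + resolved.fragment
    return path


def hardened_redirect(target: str) -> dict:
    """Server-side 302 whose Location is always on the trusted host.  No
    attacker input is written into HTML, so there is nothing to inject into."""
    return {"status": 302, "headers": {"Location": safe_redirect_target(target)}}


if __name__ == "__main__":
    spam = "https://spam.example/"
    print(seo_abuse_link("https://trusted.example/redirect", spam))
    print(vulnerable_redirect_page('"><script>alert(1)</script>'))
    for t in [spam, "//spam.example/", "/\\spam.example/", "javascript:alert(1)",
              "https://trusted.example@spam.example/", "/account?tab=2"]:
        print(repr(t), "->", hardened_redirect(t)["headers"]["Location"])
```

The hardened version deliberately keeps only the path, query and fragment: if the application only ever redirects within its own site, the response can never name a foreign host no matter how the input is encoded, and because the target is sent as a header rather than rendered into HTML or JavaScript, the reflected XSS variant disappears with it. Applications that legitimately redirect to partner domains need an explicit allowlist of full host names compared the same way (exact match on parsed hostname, never a substring or prefix check).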