Target:_blank → Tabnapping Attack

Nairuz Abulhul
Published in R3d Buck3T
2 min read, Jun 11, 2020

Why should we care, and how is this flaw leveraged in social engineering attacks?


A design flaw in browsers allows external links to open in a new tab or window when the target="_blank" attribute is specified on an HTML anchor (href) element, and that new tab keeps a reference back to the page that opened it.
This flaw opens an attack surface for what is called the Tabnapping attack.

A Tabnapping attack is a phishing technique that takes advantage of the fact that tabs in the browser are linked together: the newly opened tab can reach the tab that opened it through the window.opener object.
During a tabnapping attack, an attacker sends a web page that has a target=_blank attribute and a malicious link embedded in it. Once the user clicks on the link, it opens a new tab (usually as a distraction) and changes the old, now inactive tab to a fake phishing page, tricking the user into thinking that they have been logged out of their account and need to log in again.
Usually, these types of phishing attacks impersonate popular services, like email providers or social media login portals, to harvest credentials.

How to fix it:

The fix is very simple: add the noopener and noreferrer values to the rel attribute of the anchor elements on the page:
rel="noopener noreferrer"

<a rel="noopener noreferrer" href="http://google.com/" target="_blank">This is a link to a bad webpage.</a>
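As an added example (not code from the original post), here is a small audit and hardening helper that finds target=_blank anchors missing rel="noopener" in a page's HTML and rewrites them with the fix above; the sample page it runs on is constructed for the demo.

```javascript
// Added example (not from the original post): audit and harden anchors that
// open a new tab without severing window.opener. Works on templates and static
// HTML with a simple regex; it is not a full HTML parser.

// Constructed sample page: two unsafe links, one already fixed, one same-tab.
const SAMPLE_HTML = `<p>
<a href="https://example.com/" target="_blank">unsafe</a>
<a rel="nofollow" target="_blank" href="https://example.com/docs">unsafe, has rel</a>
<a rel='noopener noreferrer' href="https://example.com/" target="_blank">safe</a>
<a href="https://example.com/">same tab</a>
</p>`;

const ANCHOR_RE = /<a\b[^>]*>/gi;

// Parse the attributes of one opening <a ...> tag into a name -> value map.
function parseAttrs(tag) {
  const attrs = {};
  const re = /([\w:-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  let m;
  while ((m = re.exec(tag)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

// A link is tabnappable when it targets _blank and rel lacks noopener.
// Current browsers default to noopener for target=_blank, but setting it
// explicitly also covers older browsers.
function isTabnappable(tag) {
  const a = parseAttrs(tag);
  if ((a.target || "").toLowerCase() !== "_blank") return false;
  return !(a.rel || "").toLowerCase().split(/\s+/).includes("noopener");
}

// Audit: return every anchor tag in the document that needs fixing.
function findTabnappableLinks(html) {
  return (html.match(ANCHOR_RE) || []).filter(isTabnappable);
}

// Harden: add noopener noreferrer, extending an existing rel if present.
function hardenLinks(html) {
  return html.replace(ANCHOR_RE, (tag) => {
    if (!isTabnappable(tag)) return tag;
    const relAttr = tag.match(/\srel\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+)/i);
    if (!relAttr) return tag.replace(/^<a\b/i, '<a rel="noopener noreferrer"');
    const values = new Set(parseAttrs(tag).rel.split(/\s+/).filter(Boolean));
    ["noopener", "noreferrer"].forEach((v) => values.add(v));
    return tag.replace(relAttr[0], ` rel="${[...values].join(" ")}"`);
  });
}
```

Running findTabnappableLinks over a site's templates in CI is a cheap way to catch regressions; hardenLinks shows the rewrite, which you would normally apply in the template source rather than at runtime.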

