A new type of hybrid file that looks like different things to different programs can be used to steal online credentials. The GIFAR attack relies on a hybrid file called GIFAR, a GIFAR. GIFARs are opened by Java and can be opened in many types of browsers. The attack could work on any Web site that allows users to upload files, researchers say. Browser security is “really an oxymoron,” says WhiteHat Security’s Jeremiah Grossman, chief technology officer with WhiteHat security.”]
Source: https://www.csoonline.com/article/2123020/a-photo-that-can-steal-your-facebook-account.html