Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11New phishing toolkit discovered that makes it easy to create fake Chrome browser windows
This fake window is designed to be extremely lifelike, and also comes with a series of login options familiar with Google, Microsoft, Apple, Twitter or even Steam. The example below shows the DropBox login form, allowing users to sign in with an Apple or Google account.
When you click the Login in Google or App button, a single sign-on (SSO) browser window will be displayed, prompting you to enter your credentials and proceed with your account login.
These windows are removed to show only the login form and a URL address bar of the login form.
Although the address bar is disabled in these SSO windows, you can still use the displayed URL to verify that a legitimate google.com domain is being used to log you into the site. The presence of this URL makes the form more trustworthy, and will make you feel comfortable, no doubt, when entering your login information.
In the past, threat actors have attempted to create these masquerade SSO windows using HTML, CSS, and JavaScript. But there's usually something slightly different about the windows, making them look suspicious rather than 'real' as in the case above.
Browser in the Browser Attack
The emergence of these fake browser windows leads to a new form of attack called "Browser in the Browser (BitB)". They use ready-made templates to create fake Chrome pop-ups, but are designed to look like the real thing, including custom URLs and address headers that can be used in phishing attacks.
Basically, BitB attack creates fake browser windows inside real browser windows (browser within browser), thereby helping to improve the persuasion of the phishing activity.
A security researcher with the nickname mr.d0x recently released examples of BitB attack samples (via GitHub). These include fake Chrome windows on both Windows and Mac, with variations in the appearance of dark and light backgrounds.
Malicious actors sometimes simply download templates, edit them to contain the desired URL and title, and then use an iframe to display the login form. Alternatively, it is also possible to add HTML for the login form directly. However, this process will require the hacker to know how to properly align the form using CSS and HTML.
Kuba Gretzky, the creator of the Evilginx phishing toolkit, tested the new method and showed how it works perfectly with the Evilginx platform. This means it can be adapted to steal 2FA keys in phishing attacks.
In fact, this is not a scam technique. In 2020, there have been many cases of fake game websites using the above technique to steal Steam login information.
Kareem WintersYou should read it
- Microsoft Edge is the best browser to prevent phishing
- [Infographic] How to recognize and prevent Phishing attacks
- GitHub is under strong phishing attack, users pay attention to account security
- Learn about the Adversary-in-the-Middle phishing attack method
- What is IPFS Phishing attack? How to avoid?
- [Infographic] 4 types of Phishing are easy to trap users
- J2TEAM Security - Essential security utility on Google Chrome
- UC Browser Android - lucrative bait for URL spoofing attacks
May be interested
- Google put a hand on the tool bar on Chrome
google always wanted chrome to become the no. 1 browser with fast, easy to use and high stability. the company has made many improvements in the past to reach this goal, which is the latest focus on tightening web store rules to prevent tool overload. - Build React apps with Blueprint UI toolkituse the blueprint library and you'll never have to struggle to create an attractive, easily accessible website again.
- How to protect yourself from phishing attacks via mobile phonesmobile phones are a great gadget, and it has marked a huge change in the lives of each of us. combined with the internet, smart phones help users have access to a huge amount of data whenever you need it.
- Chrome users must know these trickswith a user-friendly interface, easy to use, google chrome is currently a browser that many users love and use. to use and exploit the chrome browser most effectively, please refer to some tips in the following article of network administrator.
- How to use Unblock fake IP IP on Chromeip unblock is a vpn utility on the chrome browser, which helps users hide their ip address, access blocked websites.
- After 'weighing' in every way, what is the better browser between Chrome and Firefox?compare watching firefox in 2018 with how dramatic changes will be when confronting chrome.
- New browsers to replace Chrome you should try todaythe browser is the window for the web world. google chrome is still strong today, but there are a few new web browsers that may be better suited for your needs.
- The hidden Chrome menu allows for easy testing of the latest browser testsgoogle added a new menu option to chrome, giving users a preview of the browser's experimental features before they are officially released.
- Chrome browser on Windows computer crashes, this is what you need to dogoogle chrome is one of the most popular and most popular browsers available today. however, recently, quite a lot of users reflect that in the process of using chrome browser to browse the web on windows 10/8/7 computer, sometimes the browser hangs, but can not open the tab , load the page.
- How to set a password for Google Chromethe set password for your browser utility will block google chrome browser with the password set by the user. and others are required to enter the correct password to access the chrome browser.
Attack the network
- Specter V2 vulnerability re-appears to attack Intel, Arm CPUs, AMD chips are not affected
- Notorious botnet TrickBot stopped working, redirected to another form of malicious code that could be more dangerous
- NVIDIA suffered a cyber attack, massive damage estimated
- Ransomware is being used as bait in data destruction attacks targeting Ukraine
- Detecting botnets that can easily bypass Windows Defender and steal crypto wallet data
- Hackers break into chats on Microsoft Teams to spread malware
Specter V2 vulnerability re-appears to attack Intel, Arm CPUs, AMD chips are not affected
Notorious botnet TrickBot stopped working, redirected to another form of malicious code that could be more dangerous
NVIDIA suffered a cyber attack, massive damage estimated
Ransomware is being used as bait in data destruction attacks targeting Ukraine
Detecting botnets that can easily bypass Windows Defender and steal crypto wallet data
Hackers break into chats on Microsoft Teams to spread malware