Monday, November 4, 2024
HomeAndroidHackers Tricks You With Advanced Phishing Attack using Fake Address Bar on...

Hackers Tricks You With Advanced Phishing Attack using Fake Address Bar on Chrome for Android

Published on

Malware protection

A new form of a sophisticated phishing attack on Android Chrome let hackers hide the original address bar’ screen space by displaying its own fake URL bar when the user scrolls down the web page.

Security researcher James fisher demonstrated this phishing attack by hosting his own domain (jameshfisher.com), and he exploits the flaw in chrome browser for mobile.

The fake address bar that associated with the phishing web page posed with legitimate site URL by intercept the original chrome bar.

- Advertisement - SIEM as a Service

Normally, when we scroll down the web page, browser hides the URL bar and the webpage will overlap on it because the page accessed via “trustworthy browser UI”.

Here, the phishing site abusing this process by displaying its own fake URL bar that posed as a legitimate bar and trick users to give away their personal information.

This attack is even worse, generally when users scroll up the webpage they will again reach the original URL bar, but in this case, attackers can trick users to never reappear the original URL bar.

Researcher call it as “scroll jail”, a trick let move entire page content into it, when users scroll up the page using a new element overflow:scroll.

According to James Fisher, the user thinks they’re scrolling up in the page, but in fact they’re only scrolling up in the scroll jail! Like a dream in Inception, the user believes they’re in their own browser, but they’re actually in a browser within their browser.

Behalf of demonstration, Fisher using HSBC domain (www.hsbc.com) as a fake URL bar and, by using the same way attackers could use any legit website to intercept the URL bar and trick to steal the data.

“Is this a serious security flaw? Well, even I, as the creator of the inception bar, found myself accidentally using it! So I can imagine this technique fooling users who are less aware of it, and who are less technically literate. The only time the user has the opportunity to verify the true URL is on page load, before scrolling the page. After that, there’s not much escape.” Fisher said. He also believes that it might be a security flaw in Chrome browser.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Free tool to Check Website Security, Mobile app, SSL Security & Phishing Test

Hackers Abuse GitHub Service to Host Variety of Phishing Kits to Steal Login Credentials

Google to Block Logins From Embedded Browser Frameworks to Protect From Phishing & MitM Attacks


Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Hackers Downgrading Remote Desktop Security Setting For Unauthorized Access

The attackers use a multi-stage attack, starting with a malicious LNK file disguised as...