Popular Browsers Vulnerable To URL Address Bar Spoofing Attacks

Cyber Security researcher Rafay Baloch on Tuesday disclosed address bar spoofing vulnerability which affected popular browsers, such as Safari, Opera, and Yandex which could be exploited and allows attackers to trick the browser into displaying different web address than actual websites that the user is on.

What is Address Bar Spoofing?

These types of vulnerabilities have been around for a long time.

[embedded content]

In this case, what an attacker does is modify the real URL and thus display a fake page instead of the legitimate one. This technique is generally used to impersonate well-known sites used by users. The victim is confident, they think they are actually visiting the legitimate page, but instead, they’re vulnerable to phishing and various other threats.

Keep in mind that modern browsers have functions and features to detect these types of problems. However, sometimes those failures appear and allow them to be exploited without being detected. This would leave a window open for hackers to carry out their attacks.

However, these are the affected mobile browsers Opera, Safari, as well as other lesser-known ones such as UCWeb, Yandex, Bolt or RITS, are affected by this problem.

The vulnerability allows the delivery of malware and carries out Phishing attacks. It was discovered by security researcher Rafay Baloch and Rapid7’s Tod Beardsley, who helped Rafay disclose the flaws to the developers of the affected browsers and they have released updates to patch it.

Therefore, it is necessary that users who use any of these browsers on their mobile phones have the latest version. In this way, they will be protected and will not suffer problems like the ones we have mentioned, such as malware entering the device or seeing passwords being stolen through Phishing attacks.

Also Read: Make Money by Reporting Vulnerabilities From Facebook, Google, and Others

This problem is caused by the use of malicious executable JavaScript code on an arbitrary website to force the browser to update the address bar while the page is still loading in another address chosen by the attacker.

Basically, we can say that an attacker can configure a malicious website and entice the target to open the link of a fake email or text message, leading an unsuspecting recipient to download malware or risk having their credentials stolen.


Source: The Hack Today

Leave a Reply

Your email address will not be published. Required fields are marked *