Thanks to a new phishing technique, malicious actors could siphon private details by merely impersonating legit login forms in Application Mode.
The Application Mode feature can be accessed in all Chromium-based browsers, which includes Google Chrome, Microsoft Edge, and Brave.
According to mr.d0x, a security researcher who has also unearthed the Browser-in-the-Browser (BitB) attack and Microsoft WebView2 phishing methods previously, desktop applications are normally harder to spoof, hence, victims don’t pay much attention to as compared to browser windows that are more widely exploited for phishing.
Chrome’s application mode is created to provide native-like experiences in a manner that causes the website to be launched in a separate browser window, while also showing the website’s favicon and concealing the address bar.
Additionally, the hacker-contro
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: