Caution: Browser in the Browser attacks (BitB)

A phishing kit has just been released that lets malicious users build convincing and effective phishing forms using fake Chrome browser windows.


When you sign in to websites, you often also see the option to log in with Google, Microsoft, Apple, Twitter or even Steam.

For example, the Dropbox login form lets you sign in with an Apple or Google account, as shown below.

With the new method, when you click the Google or Apple login button, a look-alike single sign-on (SSO) browser window appears, asking you to enter your credentials and sign in with that account.


Malicious users have long tried to build these fake SSO windows out of HTML, CSS and JavaScript, but there was usually something about them that looked suspicious.


Browser in the Browser attacks

This is where the new "Browser in the Browser (BitB) Attack" method comes in: it uses pre-built templates to create fake but realistic Chrome pop-up windows, complete with custom URLs and titles, that can be used in phishing attacks.

The attack draws fake browser windows inside the real browser window (hence "Browser in the Browser") to produce very convincing phishing pages.

The BitB templates are already available on GitHub. They include Google Chrome windows, Mac ones among them, in dark-mode and light-mode variants.


Attackers can simply download the templates, edit them to show the desired URL and window title, and then use an iframe to display the login form.
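That construction is also what gives defenders a handle on it: a genuine SSO pop-up is a separate browser window whose address bar is drawn by the browser and never exists in any page's DOM, whereas a BitB page has to render the identity provider's URL as ordinary page text next to the iframe (or password field) that carries the real form. The following scanner, an added example written for this article and not part of the kit or the article itself, runs that heuristic over fetched HTML, such as a page pulled into a sandbox from a reported phishing link. The host list and the sample pages are constructed for illustration.

```python
"""Heuristic scanner for Browser-in-the-Browser (BitB) phishing pages.

Flags a page when an identity provider's URL appears as *visible text*
(a painted "address bar") and the page also embeds an iframe or a password
field, i.e. it draws its own window chrome around a credential form.
"""
import re
from html.parser import HTMLParser

# Identity-provider hosts a real SSO pop-up would show in the browser's own
# address bar. Illustrative list, constructed for this example.
SSO_HOSTS = (
    "accounts.google.com",
    "login.microsoftonline.com",
    "appleid.apple.com",
    "api.twitter.com",
    "steamcommunity.com",
)

# Matches scheme + host only; group(1) is the host.
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")


class _Collector(HTMLParser):
    """Collects the DOM facts the heuristic needs: iframe sources,
    password inputs, and visible text that spells out a URL."""

    def __init__(self):
        super().__init__()
        self.iframe_srcs = []
        self.password_inputs = 0
        self.url_texts = []
        self._hidden_depth = 0  # inside <script>/<style>, text is not visible

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in ("script", "style"):
            self._hidden_depth += 1
        elif tag == "iframe":
            self.iframe_srcs.append(a.get("src") or "")
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self.password_inputs += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._hidden_depth:
            self._hidden_depth -= 1

    def handle_data(self, data):
        if self._hidden_depth:
            return  # script/style content is never rendered as an address bar
        for m in URL_RE.finditer(data):
            self.url_texts.append(m.group(0))


def scan_for_bitb(html: str) -> dict:
    """Return findings for one page; ``suspicious`` is True only when an SSO
    host's URL is rendered as page text AND a credential form is embedded."""
    c = _Collector()
    c.feed(html)
    c.close()
    spoofed = [u for u in c.url_texts
               if URL_RE.match(u).group(1).lower() in SSO_HOSTS]
    has_form = bool(c.iframe_srcs) or c.password_inputs > 0
    return {
        "spoofed_address_bars": spoofed,
        "iframe_srcs": c.iframe_srcs,
        "password_inputs": c.password_inputs,
        "suspicious": bool(spoofed) and has_form,
    }


# Constructed sample: a BitB-style page. The "window" is a div that paints a
# title bar and an address bar as text; the form itself lives in an iframe.
BITB_PAGE = """
<html><body>
<div class="fake-window">
  <div class="titlebar">Sign in - Google Accounts</div>
  <div class="urlbar">https://accounts.google.com/o/oauth2/auth?client_id=example</div>
  <iframe src="https://login-form.example/google.html"></iframe>
</div>
<script>var u = "https://accounts.google.com";</script>
</body></html>
"""

# Constructed sample: a benign page. The provider URL is only an href
# attribute, not rendered text, and no form is embedded.
BENIGN_PAGE = """
<html><body>
<p>Sign in with <a href="https://accounts.google.com/signin">Google</a></p>
</body></html>
"""

# Constructed sample: a help article that quotes the URL as text but embeds no
# form, so the second condition keeps it from being flagged.
HELP_PAGE = """
<p>Check that the address bar shows https://accounts.google.com before typing.</p>
"""

if __name__ == "__main__":
    for name, page in (("bitb", BITB_PAGE), ("benign", BENIGN_PAGE), ("help", HELP_PAGE)):
        print(name, scan_for_bitb(page))
```

The two-part condition matters: plenty of legitimate pages quote a provider's URL in text, and plenty embed iframes, but only a page that does both is imitating a browser window around a login form. Treat a hit as a triage signal rather than a verdict, and pair it with the manual check the technique cannot fake: a real pop-up can be dragged outside the parent browser window, a painted one cannot.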

Kuba Gretzky, the creator of the Evilginx phishing toolkit, tested the new method and said it works perfectly with the Evilginx platform, which means it can be adapted to steal 2FA keys during phishing attacks.

So in the coming period it would be wise to be more careful with every login form: with pre-built templates for fake Chrome windows available, very convincing phishing login forms are going to appear.


Written by giorgos

Comments
  1. Good evening George. You are obviously talking about 2FA code theft from applications that generate 2FA codes. We're not talking about passwords being sent to our cell phones, are we? This is only done via SIM swapping as far as I know.

  2. Can we find somewhere in detail whether it is true that it can actually steal 2FA keys?
    The article mentions it briefly, but in a search I made on the subject I did not find anything related to the 2FA keys.
