New phishing attack exploits Chrome app mode – Research Snipers
Google will phase out support for Chrome apps in favor of Progressive Web Apps (PWAs) and standard web technologies. A new attack pattern for phishing now shows that this is important for security reasons. Starting with Chrome 109 or later, Google will completely remove Chrome apps on Windows, macOS, and Linux.
Until then, users should be extra careful when signing up for web-based services and applications online. Hackers can use “app mode” in Chromium browsers for covert phishing attacks, as security researcher mr.d0x now explains.
It becomes extremely difficult for users to see through the scam. A new phishing technique exploits the “Application Mode” feature of Chromium-based web browsers to create “realistic desktop phishing apps”. Cybercriminals can use it to recreate login windows and obtain sensitive user data, warns mr.d0x.
Application mode is designed to launch the website in a separate browser window while simultaneously displaying the website’s favicon and hiding the address bar.
More attacks designed
According to security researcher mr.d0x, who also developed the Browser-in-Browser (BitB) attack method earlier this year, a malicious actor can exploit this behavior to use HTML/CSS tricks to create a fake address bar at the top of the window and trick users into entering their credentials into deceptive login forms. “Although this technique is more for internal phishing, it can technically also be used in an external phishing scenario,” says mr.d0x.
Advanced phishing attacks
The mechanism works for Windows, macOS, and Linux, making it a potential cross-platform threat. However, the success of the attack depends on the attacker already having access to the target machine.
It’s been a long time since I joined Research Snipers. Even though I worked as a part-time tech news writer, it feels good to be part of the team. On top of that, I’m building a finance-based blog, as a freelance content writer/blogger and video editor.