Thehackernews, by Ravie Lakshmanan, is translated by blue mocha.
True – false address bar attack true and false difficult to distinguish
Cyber security researchers have revealed details of an address bar spoofing bug that affects multiple mobile browsers, such as Apple’s Safari and Opera Touch, opening the door to spear phishing attacks and spreading malware.
Other affected browsers include UC Web, Yandex, Bolt and RITS.
The vulnerabilities were discovered by Pakistani security researcher Rafay Baloch in the summer of 2020 and reported in August by Baloch and web security firm Rapid7 before browser makers addressed them over the past few weeks.
The UCWeb and Bolt browsers have yet to be patched, with Opera Mini expected to do so on November 11, 2020.
The problem is caused by the use of malicious executable JavaScript code in any site, forcing the browser to update the address bar when the page loads to a different address chosen by the attacker.
Original PoC demo
Rafay Baloch, in technical analysis, said: “This vulnerability is due to Safari saving the URL’s address bar and setting the interval function to reload bing.com:8080 every 2 milliseconds when requested through any port, so the user cannot recognize the re-directed from the original URL to the spoofed URL.”
“By default, Safari does not display the port number in the URL unless the focus is set with the cursor, which makes this vulnerability even more effective in Safari.”
In other words, an attacker could set up a malicious website to trick the target into opening a link from a spoofing email or text message, leading to unsuspecting recipients downloading malware or risking certificate theft.
The study also found that the macOS version of Safari is vulnerable to the same vulnerability, which Rapid7 says was addressed in a major update released last week.
This is not the first time such a bug has been found in Safari. Back in 2018, Baloch disclosed a similar address bar spoofing bug that caused browsers to retain the address bar and load content from spoofing pages through javasjavast-induced delays.
“As spear phishing attacks become more sophisticated, the exploitation of browser-based vulnerabilities, such as address bar spoofing, can exacerbate the success of spear phishing attacks and prove to be very deadly,” Baloch said.
“First, when the ** address bar points to a trusted website, ****, and there are no signs of forgery, it’s easy for ** to convince victims to steal certificates or spread malware. Second, because the vulnerability exploits a specific feature of the browser, it can evade multiple anti-phishing schemes and solutions.”
Disclaimer: we respect the copyright of the originator. unless we cannot confirm the author, we will indicate the author and source. Reprinted articles for personal study and research, at the same time to express gratitude to the original author, if related to copyright issues, please contact xiaobian to delete
There’s more to come
Hi, I’m Super Shield
Super shield can do: defend, use affordable, catch fast, play well, see, two-way data encryption!
Successfully defended against the largest 2.47T hacker DDoS attack in history,
It has the advantages of unlimited defense against DDoS and 100% anti-CC