This Google Chrome tool could actually be used to steal login data
Chrome Application Mode can be used to trick people
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Researchers have found thatGoogleChrome’s Application Mode can be abused for phishing threats.
Used to offer ChromeOS users a clean, minimal interface for certain websites such asYouTube, when launched, Application Mode brings up a newbrowserwindow without the address bar, toolbars, or other familiar elements - even the taskbar displays the website favicon instead of the Chrome icon.
But this mode can be abused, cybersecurity researcher mr.d0x discovered. If an attacker manages to convince a user to run a Windows shortcut that runs a phishing URL with Chromium’s Application Mode feature, the user will only see what seems to be the login form for an app. In reality, though, it would be a phishing page thatstealspeople’s login data.
Shortcut files
Ever sinceMicrosoftmoved to kill malicious Office files, cybercriminals have been pivoting towards Windows shortcut files (.LNK).
Cybersecurity experts have since uncovered countless attack campaigns that successfully leveraged .LNK files to deliver all kinds of viruses and malware, from QBot, to BazarLoader, to anything in between.
Explaining this new potential method, mr.d0x says an attacker could use a shortcut file to launch a phishing “applet” on the victim’s endpoint:
What is phishing and how dangerous is it?>Everything you need to know about phishing>Keep your devices safe with the best malware removal tools out there
There are multiple ways to abuse this flaw, mr.d0x added, including having access to the target device, using a portable HTML file with the “-app” parameter embedded, or using the Browser-in-the-Browser technique to add a fake address bar. Finally, the attack can also be pulled off on macOS and Linux devices, he said.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via:BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
We might have our first look at the long-rumored Samsung tri-fold
