Marrakesh, Mar. 21 (Maroc-Actu) –
Browser users Google Chrome are exposed to a browser-in-the-browser (BitB) attack when they attempt to connect to a website from an online account. Google, Twitter or Facebookamong others
A Google browser user who wants to save time when logging into a website using their Gmail, Facebook or Twitter account may encounter a pop-up window that looks very similar to the real one and transmits personal data to a hacker, not a trusted site.by a technique known as “phishing”.
As reported by the Android Police site, which in turn reproduces the information published by The Register, the discovery was made by a researcher who, under the username mr.d0x and after pondering possible ways to attack the browser, found a potential weakness and created a series of templates to do this, which he then published on Github.
These templates allow you not only to recreate a pop-up window for login, but also to customize url and thus make it harder for the user to verify its veracity, as it told Bleeping’s computer.
In these cases, users are advised to make sure beforehand where they are accessing and to whom they are transmitting their personal data. Additionally, two-step authentication can be enabled to create an additional protective barrier.