Popular mobile browsers are vulnerable to attacks |
Cybersecurity researchers have uncovered details of the vulnerability that impersonated the address bar so that the vulnerability affects popular mobile browsers such as Apple's Safari and opens the door to phishing attacks and malware.
Other affected mobile browsers are (UCWeb), (Opera Touch), (Yandex Browser), (Bolt Browser) and (RITS Browser).
The vulnerability was discovered by Pakistani security researcher Rafai Baloch in Summer 2020. The vulnerability was first reported in August and has been fixed by browser manufacturers in the past few weeks.
The problem arises from the use of malicious executable code (JavaScript) on random websites. If the page continues to load to a different address chosen by the attacker, the browser must update the address bar.
(Raphael Baloch) said in a technical examination: The reason for this vulnerability is that Safari maintains the URL bar as requested via a random port and reloads the specified interval function "bing.com:8080" every 2 milliseconds, then the user does not know to run. Point from the original URL to the phishing URL.
An attacker can create a malicious website and trick the target into opening a link from a deceptive email or text message, causing the recipient to download malware or risk their data being stolen.
The study also found that the version of the Safari browser for macOS is prone to the same bug. However, Apple released an update (Big Sur macOS) last week to fix the bug.
It should be noted that this is not the first time that this vulnerability has been discovered in the Safari browser. Just as Baloch revealed a similar type of vulnerability back in 2018, the vulnerability caused the browser to remain in the address bar by delaying the timing caused by JavaScript. And download the contents of the phishing page.
According to Baloch, exploiting browser-based vulnerabilities (such as address bar spoofing) can increase the success of phishing attacks as phishing attacks continue to increase.
He added: If the address bar points to a trusted website and there are no signs of fraud, then it is easy to convince the victim to steal data or spread malware. Because the vulnerability exploits certain browser functions, many antivirus programs can be avoided.