Chrome, Opera and Firefox vulnerable to undetectable phishing attack

Who I am
Martí Micolau
@martímicolau

Usually use one of the web browsers Chrome, Firefox or Opera? Beware, because a new threat hovers over these services. There are three of the browser most famous and most used, often also considered as very safe. Yet a new one phishing attack puts users at risk.

Hackers have spawned a new phishing-style attack within Chrome, Firefox, and Opera that is very difficult to predict and avoid. Create fake sites, very similar to the originals, where the user can enter lose their credentials and your data. Among the sites imitated are those of Apple, eBay and even Google itself. The new threat was discovered by Chinese cybersecurity researcher Xudong Zheng. It is a variant of a cyber criminal attack already reported in 2001 by two Israeli researchers, Evgeniy Gabrilovich and Alex Gontmakher, and now back in fashion.



How the phishing attack works

Before explaining how the hacker attack works, we need to make a clarification. In past years i cyber criminals they used different graphic characters to create bogus sites with a domain identical to the original one. For example, the domain xn-pple-43d.com would be the equivalent of apple.com , but written with the "A" in Cyrillic at the beginning. Web browser providers have been working on this for years, introducing URL filters such as Punycode, instead of Unicode which generated strong misunderstandings based on the different characters of the various languages.

The mistake

However, in a blog post on his blog, Zheng proved that this technique is not enough to keep cyber criminals out. Thanks to several vulnerabilities in transcribing the URL according to the various codes used, such as Chinese characters or Cyrillic, it is still possible create bogus websites with domain absolutely identical to the original. To demonstrate this, Zheng created the domain xn-80ak6aa92e.com which in Cyrillic means аррlе.com (in Cyrillic characters). A technique that would fool anyone, even experienced users.



Secure web browsers

Not all browsers out there have this flaw. Only Chrome, Firefox and Opera, Because of the filters they use for URLs. Edge, Internet Explorer, and Safari, to name a few, are immune to this attack. Zheng said he had warned Google for some time and the Mountain View company announced that maximum by the end of April will completely solve the problem. Mozilla is thinking of improvements that take a little longer, but in the meantime they can disable manually the Punycode filter to block the phishing attack.



Chrome, Opera and Firefox vulnerable to undetectable phishing attack

Audio Video Chrome, Opera and Firefox vulnerable to undetectable phishing attack
add a comment of Chrome, Opera and Firefox vulnerable to undetectable phishing attack
Comment sent successfully! We will review it in the next few hours.