A developer James Fisher has found a simple security bug in Chrome for mobiles which can be used to launch phishing attacks. To demonstrate how easy it is to use a fake address bar for malicious attacks, he created a proof-of-concept exploit for the Google Chrome Android web browser.
Fisher created the “inception bar” – a fake address bar – which shows up on Chrome’s mobile browser. The bar does not disappear until you end up visiting another website. But the bug allows more to happen as the fake address bar shows up over the original address bar. So, as the user assumes that he/she is scrolling safely they are actually unsafe.
There are several ways in which a user can spot these fake address bars. One of the ways you could do this is by using the dark mode of Chrome. The Chrome dark mode is of help as the fake address bars are usually white while the dark mode uses the color black for its URL bar. Another way to spot a fake is to keep an eye on the number of tabs displayed in the tabs icon as Inception bars tend to display incorrect number. According to 9to5 Google, you can also force the browser to show the real address bar by locking and then unlocking the phone.
Reliance Jio to launch low-cost Android Smartphones by December
Elon Musk’s Starlink satellites can help Belarus over Internet Censorship
5G spectrum prices could be lowered due to a ban on Chinese vendors
Samsung and Benow launch a digital platform for local retail stores in India
FMCG companies help retailers get back to work
© 2020 CIO Bulletin. All rights reserved.