A developer James Fisher has found a simple security bug in Chrome for mobiles which can be used to launch phishing attacks. To demonstrate how easy it is to use a fake address bar for malicious attacks, he created a proof-of-concept exploit for the Google Chrome Android web browser.
Fisher created the “inception bar” – a fake address bar – which shows up on Chrome’s mobile browser. The bar does not disappear until you end up visiting another website. But the bug allows more to happen as the fake address bar shows up over the original address bar. So, as the user assumes that he/she is scrolling safely they are actually unsafe.
There are several ways in which a user can spot these fake address bars. One of the ways you could do this is by using the dark mode of Chrome. The Chrome dark mode is of help as the fake address bars are usually white while the dark mode uses the color black for its URL bar. Another way to spot a fake is to keep an eye on the number of tabs displayed in the tabs icon as Inception bars tend to display incorrect number. According to 9to5 Google, you can also force the browser to show the real address bar by locking and then unlocking the phone.
Indian stock market surpasses France, could overtake UK too
Ola delays the launch of its much-awaited electric scooter
Paytm, HDFC Bank announce strategic partnership to launch financial products
Dangal Games has entered the casual games segment with the latest unified app launch
Rakesh Jhunjhunwala to partner with industry veterans to launch a new Airline
© 2021 CIO Bulletin. All rights reserved.