Home » Technology » Internet » Chrome vulnerability: New Phishing Attack Exploits Chrome Application Mode

Chrome vulnerability: New Phishing Attack Exploits Chrome Application Mode

Google will phase out support for Chrome apps in favor of Progressive Web Apps (PWAs) and standard web technologies. A new attack scheme for phishing now shows that this is important for security reasons. Beginning with Chrome 109 or later, Google will completely phase out Chrome apps on Windows, macOS, and Linux.

Until then, users should be extra careful when signing up online for services and web apps. Hackers can use “app mode” in Chromium browsers for covert phishing attacks, as security researcher mr.d0x now explains.

It becomes extremely difficult for users to see through the scam. A new phishing technique exploits the “Application Mode” feature in Chromium-based web browsers to create “realistic desktop phishing applications”. Cybercriminals can use this to recreate login windows and obtain sensitive user data, warns mr.d0x.

Application mode is designed to launch the website in a separate browser window while simultaneously displaying the website’s favicon and hiding the address bar.

More attacks devised

According to security researcher mr.d0x, who also developed the browser-in-the-browser (BitB) attack method earlier this year, a malicious actor can exploit this behavior to use some HTML/CSS tricks to create a fake address bar at the top of the window and trick users into entering their credentials in deceptive login forms. “Although this technique is more intended for internal phishing, it can technically also be used in an external phishing scenario,” says mr.d0x.

Advanced Phishing Attacks

In addition, the attacker-controlled phishing site can use JavaScript to perform other actions, such as: For example, closing the window immediately after entering credentials, or resizing and positioning the window to achieve the desired effect.

The mechanism works for Windows, macOS, and Linux, making it a potential cross-platform threat. However, the success of the attack depends on the attacker already having access to the target’s machine

Ron Harold

It has been a long time since I joined Research Snipers. Though I have been working as a part-time tech-news writer, it feels good to be part of the team. Besides that, I am building a finance-based blog, working as a freelance content writer/blogger, and a video editor.