This New Phishing Technique Uses Chrome’s Application Mode to Steal Credentials

Chrome’s application mode is meant to allow developers to test out their apps before they put them up on stores for people to download, but it turns out that malicious actors can use it as well. Numerous threat actors have been using a new phishing technique in which they use application mode to generate login forms that look like web browsing apps.

Application mode is not reserved for Google Chrome; it is available in all Chromium-based apps, including Microsoft Edge and the Brave browser. Desktop apps are generally thought to be safer, and that makes users more likely to enter their information into the forms.

Doing so is dangerous because it could hand your login details to a threat actor, and the ease of use of application mode could be contributing to that. The main issue is that the forms shown to users open in a separate desktop app that does not show the URL the form belongs to.

Looking at a URL is a straightforward way to see whether a link is legitimate or a spoofed login page, and users who cannot see the URL are more likely to enter their details without noticing anything wrong. However, the threat actor initiating this attack first needs to entice users into clicking a Windows shortcut, so such attacks can be mitigated if users are more careful about the shortcuts they click.
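One way a defender could surface these launches, as an added example that is not from the original article or from Mrd0x's research: it checks process command lines (from shortcut targets or process-creation logs) for a Chromium-based browser started with `--app=`, the Chromium switch for application mode, and flags any target that is not on an allowlist. The allowlisted host and the sample command lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Executable names for the Chromium-based browsers the article names.
BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe"}
# Hypothetical allowlist: hosts your organisation itself ships as app-mode shortcuts.
ALLOWED_HOSTS = {"intranet.example.com"}

EXE_RE = re.compile(r'^\s*(?:"([^"]+)"|(\S+))')          # first token, quoted or bare
APP_RE = re.compile(r'--app=(?:"([^"]*)"|(\S+))', re.I)  # value of the --app switch


def app_mode_target(cmdline):
    """Return the --app value if a listed browser is started in application mode."""
    exe = EXE_RE.match(cmdline)
    if not exe:
        return None
    name = re.split(r"[\\/]", exe.group(1) or exe.group(2))[-1].lower()
    app = APP_RE.search(cmdline)
    if name not in BROWSERS or not app:
        return None
    # Strip the trailing quote left behind when the whole argument was quoted.
    return (app.group(1) or app.group(2) or "").strip('"') or None


def classify(cmdline):
    """'ignore' = not app mode, 'allowed' = known host, 'review' = anything else."""
    target = app_mode_target(cmdline)
    if target is None:
        return "ignore"
    try:
        parts = urlsplit(target)
        host = parts.hostname
    except ValueError:  # malformed URL: leave it for a human to look at
        return "review"
    if parts.scheme == "https" and host in ALLOWED_HOSTS:
        return "allowed"
    return "review"


# Constructed sample command lines (not taken from the article).
SAMPLES = [
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --app=https://login.example.net/signin',
    r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "--app=https://intranet.example.com/hr"',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.example.org/',
    r'C:\Windows\System32\notepad.exe --app=https://example.net/',
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{classify(line):8} {line}")
```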

The long and short of it is that malicious actors are continuing to develop new ways to trick unsuspecting users, and users must remain ever vigilant. People should be informed that Windows shortcuts can bring up fake login pages that are meant to phish them.

H/T: Mrd0x

