New address bar spoofing attacks target popular mobile browsers, including Yandex Browser, UCWeb, RITS Browser, and Bolt Browser. On Tuesday, Oct. 22, cybersecurity experts provided the details about the new vulnerability that currently affects multiple mobile browsers, such as Opera Touch and Apple Safari.

UCWeb, Bolt Browser, and Other Popular Are Vulnerable to New Address Bar Spoofing Attacks
(Photo : Photo by Sean Gallup/Getty Images)
A window on the Mozilla Firefox browser shows the browser has blocked the Adobe Flash plugin from activating due to a security issue on July 14, 2015 in Berlin, Germany. According to online reports Adobe Flash is easily exploitable on several fronts by hackers, who can use Flash to gain access to a user's computer, and that so far Adobe has not yet released a fix.

The address bar spoofing vulnerability allows hackers and other cybercriminals to deliver malware and conduct spear-phishing attacks, as reported by The Hacker News. Rafay Baloch, a Pakistani security researcher, was the first to discover the flaws in 2020.

Together with a cybersecurity firm called Rapid7, Baloch announced the newly discovered vulnerability in August. The confirmation came before the browser makers addressed the issue over the past few weeks.

Where did address bar spoofing come from?

Because of the announcement, Opera Mini said that a fix is expected on Nov. 11, 2020. Meanwhile, other browsers, such as Bolt Browser, and UCWeb still hasn't received any patch yet.

UCWeb, Bolt Browser, and Other Popular Are Vulnerable to New Address Bar Spoofing Attacks
(Photo : Photo illustration by Justin Sullivan/Getty Images)
In this photo illustration, an error message appears on the Facebook home page on a laptop computer screen on September 28, 2015 in Newark, New Jersey. For the second time in a week Facebook has experienced and outage. The first outage lasted 10 minutes

The vulnerability came from using a harmful executable JavaScript code, which can be found in an arbitrary website. Once the malicious code is activated, it will force the mobile browser to update the address bar to another address of the attacker's choice while the page is still loading.

Also Read: Telegram Deepfake Bot Strips Off Photos of Over 100,000 Women-Here's How Adobe Plans to Fight It!

"The vulnerability occurs due to Safari preserving address bar of the URL when requested over an arbitrary port, the set interval function reloads bing.com:8080 every 2 milliseconds and hence user is unable to recognize the redirection from the original URL to spoofed URL," said Rafay Baloch in his technical analysis.

An 85% increase in phishing attacks was discovered

According to Rafay Baloch's blog post, Zscaler's report found an increase of 85% in phishing attacks in April. The cyberattacks focus on registering domains featuring COVID-19 keywords such as vaccine, Wuhan, and other terms related to coronavirus, for stealing sensitive credentials from unsuspecting users.

They also disseminate malware, such as ransomware, for conducting financial frauds. Microsoft also highlighted the advanced cyber attacks, categorizing email phishing as the most dominant attack vector.

For more news updates about other security threats, always keep your tabs open here at TechTimes.

Related Article: Robin Hood Hackers Donate Stolen Money to 'Make the World a Better Place'

This article is owned by TechTimes,

Written by: Giuliano de Leon.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion