"Hackers Can Use 'App Mode' in Chromium Browsers for Stealth Phishing Attacks"

A new phishing technique demonstrates that the App Mode feature in Chromium-based web browsers can be abused to create realistic desktop phishing applications. App Mode is intended to provide a native-like experience: it launches a website in a separate browser window, displays the website's favicon, and hides the address bar. A malicious actor can use this behavior to display a fake address bar at the top of the window and trick users into entering their credentials into rogue login forms, according to security researcher mr.d0x, who also devised the Browser-in-the-Browser (BitB) attack method earlier this year. Although the technique is best suited to internal phishing, it can technically be used in an external phishing scenario as well. The fake application is delivered as a launcher file that starts the browser with the app parameter (the --app= command-line switch, which is what puts the browser into App Mode) pointing at the attacker's phishing site, whose page renders the fake address bar at the top. The attacker-controlled phishing page can also use JavaScript to perform additional actions, such as resizing and positioning the window to complete the illusion or closing the window immediately after the user submits credentials. The mechanism works on macOS and Linux as well as Windows, making it a potential cross-platform threat. However, the attack depends on the attacker already having access to the target's machine in order to run the launcher, which is why it is a better fit for internal phishing than for external campaigns. This article continues to discuss the possible use of the App Mode feature in Chromium browsers to create realistic desktop phishing applications.
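Because the launcher has to pass the --app= switch to a Chromium-family browser, the launch itself leaves a process-creation record that a detection engineer can check. The following is an added example of that check, not code from the article or from the researcher: it scans constructed process-creation events (Image and CommandLine fields, in the shape a Sysmon- or auditd-style collector would emit), extracts the --app= target, and flags any App Mode launch whose host is not on an allowlist of known internal web apps, or whose target is a local file:// page. The browser executable names, the allowlisted hosts, the lookalike domain and the sample events are all assumptions made for the example.

```python
"""Flag Chromium-family browser launches in App Mode (--app=<url>) whose target
is not an approved internal web app.  Added example; the event data below is
constructed for illustration, not captured from a real incident."""
import json
import re
from urllib.parse import urlparse

# Executable names of Chromium-family browsers on Windows, macOS and Linux.
# Assumption: extend this set to whatever browsers are deployed in your fleet.
BROWSER_IMAGES = {
    "chrome.exe", "msedge.exe", "brave.exe", "chromium.exe",
    "google-chrome", "chromium", "chromium-browser", "microsoft-edge", "brave-browser",
}

# Hosts that are legitimately pinned as desktop apps (hypothetical names).
ALLOWED_APP_HOSTS = {"intranet.example.internal", "mail.example.com"}

# Chromium accepts --app=<url>; the value may be quoted on Windows command lines.
APP_SWITCH = re.compile(r'--app=(?:"([^"]*)"|(\S+))')


def app_url(command_line):
    """Return the URL handed to --app=, or None if the process is not in App Mode."""
    m = APP_SWITCH.search(command_line)
    if not m:
        return None
    return m.group(1) if m.group(1) is not None else m.group(2)


def is_browser(image):
    """True if the image path ends in a known Chromium-family executable name."""
    basename = re.split(r"[\\/]", image)[-1]
    return basename.lower() in BROWSER_IMAGES


def classify(event):
    """Return a dict verdict for one event, or None if it is not an App Mode launch."""
    if not is_browser(event.get("Image", "")):
        return None
    url = app_url(event.get("CommandLine", ""))
    if url is None:
        return None                                   # ordinary browser launch
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    if parsed.scheme in ("file", "data") or not host:
        # A local HTML page or data: URL is never a legitimate pinned app here.
        return {"verdict": "suspicious", "url": url, "host": host,
                "reason": "local or hostless app target"}
    if host in ALLOWED_APP_HOSTS:
        return {"verdict": "allowed", "url": url, "host": host, "reason": "allowlisted"}
    return {"verdict": "suspicious", "url": url, "host": host,
            "reason": "App Mode launch to non-allowlisted host"}


def events_from_jsonl(text):
    """Parse newline-delimited JSON events (one object per line)."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def scan(events):
    """Return only the suspicious App Mode launches, with the image that produced them."""
    findings = []
    for event in events:
        verdict = classify(event)
        if verdict and verdict["verdict"] == "suspicious":
            findings.append({"image": event.get("Image", ""), **verdict})
    return findings


# Constructed sample events: one benign pinned app, one lookalike domain launched
# with a resized window, one local phishing page, and two non-App-Mode processes.
SAMPLE_JSONL = "\n".join([
    json.dumps({"Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
                "CommandLine": r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --app=https://mail.example.com/'}),
    json.dumps({"Image": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
                "CommandLine": r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --app=https://login.example-0ffice.test/ --window-size=480,640'}),
    json.dumps({"Image": "/usr/bin/google-chrome",
                "CommandLine": "/usr/bin/google-chrome --app=file:///tmp/login.html"}),
    json.dumps({"Image": r"C:\Windows\System32\notepad.exe",
                "CommandLine": "notepad.exe report.txt"}),
    json.dumps({"Image": "/usr/bin/google-chrome",
                "CommandLine": "/usr/bin/google-chrome https://www.example.org/"}),
])
SAMPLE_EVENTS = events_from_jsonl(SAMPLE_JSONL)

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(f"{finding['verdict'].upper()}: {finding['image']} -> {finding['url']} ({finding['reason']})")
```

The allowlist is the part that needs local tuning: App Mode is a legitimate feature that users and IT pin real web apps with, so the signal is not "--app= was used" but "--app= was used against a host nobody approved", and the file:// and data: cases are worth a higher severity because a launcher that points the browser at a local page is exactly how a self-contained fake application would be delivered.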

THN reports "Hackers Can Use 'App Mode' in Chromium Browsers for Stealth Phishing Attacks"
