New type of attack: browser in the browser


Userlevel 7
Badge +13

Hi everyone,

just a quick update about a new type of attack: browser in the browser.

It simulates SSO popup windows, rendered with the HTML5 graphics engine, to steal credentials.

https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html

This is an example:

 

I’ll leave more info about this attack in the next days as I find out more about it!

[UPDATE]

So it's a new type of attack (to be precise, the first time it showed itself was in 2020) called the browser in the browser (BitB) attack. It's midway between a phishing attack and social engineering, because it relies on a miscalculation (hope it's the right word in English) by the user: it shows a pop-up window rendered with the HTML5 engine that looks exactly like the real counterpart.

It takes advantage of all those SSO login or MFA authentication mechanisms that require user interaction.

A Facebook example was posted on Twitter by mr.d0x: https://twitter.com/mrd0x

"Combine the window design with an iframe pointing to the malicious server hosting the phishing page, and it's basically indistinguishable," mrd0x said in a technical write-up published last week. "JavaScript can be easily used to make the window appear on a link or button click, on the page loading etc."

 


7 comments

Userlevel 7
Badge +20

It is amazing what they are coming up with now.  This is very interesting for sure and a good read.

Userlevel 7
Badge +13

I think this is scary; I viewed some examples where even I can’t say if it’s real or phishing. Only an in-browser protection can block this type of attack.

Userlevel 7
Badge +17

Looks really like an original browser window. The bad guys get more tricky every day...

Userlevel 7
Badge +10

Good share! Yes, the bad actors are getting smarter :)

Userlevel 7
Badge +14

Good share! Yes, the bad actors are getting smarter :)

That's the problem. The better the security measures get, the better/smarter the attackers have to be...

Userlevel 7
Badge +13

I updated first post with more information!

Userlevel 7
Badge +13

This is an interesting video about this new type of attack:

 
