Cyber Security researcher Rafay Baloch on Tuesday disclosed an address bar spoofing vulnerability that affected popular browsers, such as Safari, Opera, and Yandex which could be exploited and allows attackers to trick the browser into displaying different web addresses than the actual websites that the user is on.
What is Address Bar Spoofing?
These types of vulnerabilities have been around for a long time.
In this case, what an attacker does is modify the real URL and thus display a fake page instead of the legitimate one. This technique is generally used to impersonate well-known sites used by users. The victim is confident, they think they are actually visiting the legitimate page, but instead, they’re vulnerable to phishing and various other threats.
Keep in mind that modern browsers have functions and features to detect these types of problems. However, sometimes those failures appear and allow to be exploited without being detected. This would leave a window open for hackers to carry out their attacks.
However, these are the affected mobile browsers Opera, and Safari, as well as other lesser-known ones such as UCWeb, Yandex, Bolt, or RITS, are affected by this problem.
The vulnerability allows the delivery of malware and carries out Phishing attacks. It was discovered by security researcher Rafay Baloch and Rapid7’s Tod Beardsley, who helped Rafay disclose the flaws to the developers of the affected browsers and they have released updates to patch it.
Therefore, it is necessary that users who use any of these browsers on their mobile phones have the latest version. In this way, they will be protected and will not suffer problems like the ones we have mentioned, such as malware entering the device or seeing passwords being stolen through Phishing attacks.
Basically, we can say that an attacker can configure a malicious website and entice the target to open the link of a fake email or text message, leading an unsuspecting recipient to download malware or risk having their credentials stolen.