Users of the Google Chrome browser are exposed to a “browser-in-the-browser or BitB” attack when trying to log in to a web page from a Google, Twitter or Facebook account, among others.

A Google browser user who wants to save time logging into a website using such accounts may find themselves faced with a very similar to the real pop-up that delivers personal data to a hacker, not a trusted site, through the technique known as “phishing“.

According to the Android Police website, the finding has been discovered by a researcher who, under the username mr.d0x and after asking about possible ways to attack the browser, found a potential weakness in it and created a series of templates to make it work subsequently published on Github.

These templates not only allow you to recreate a login popup, but also customize its URL, making it difficult for the user to verify its veracity.

In these cases, users are recommended to ensure in advance where they are accessing and to whom they are giving their personal data. In addition, it is possible to enable two-factor authentication to create an extra barrier of protection.

Source: dpa

La entrada Chrome users are exposed to a new form of cyberattack apareció primero en Bitfinance.