New Phishing Toolset Allows for Browser in the Browser (BitB) Attacks

When logging onto websites, users often have the choice of signing in with Google, Microsoft, Apple, Twitter, or even Steam.

A single-sign-on (SSO) browser window will open, inviting the user to input their credentials and log into their account when clicking the Login in Google or login in App buttons.

While the address bar is blocked in these SSO windows, the user may still use the displayed URL to verify if it’s logged in through a real google.com domain. This URL further establishes the form’s trustworthiness, allowing for the input of login credentials with confidence.

Threat actors have tried to generate similar bogus SSO windows in the past using HTML, CSS, and JavaScript, but the windows are often a bit wrong, making them seem suspicious.

What Happened?

This is where a new “Browser in the Browser (BitB) Attack” comes into play, which utilizes pre-made templates to build phony but realistic Chrome popup windows with configurable address URLs and names for use in phishing assaults.

As BleepingComputer reports, this exploit produces bogus browser windows within legitimate browser windows (Browser in the Browser) in order to conduct convincing phishing assaults.

Mr.d0x, a security researcher, designed the Browser in the Browser attack templates

Read More: https://heimdalsecurity.com/blog/new-phishing-toolset-allows-for-browser-in-the-browser-bitb-attacks/