Urgent warning to millions of Google Chrome users about a simple but dangerous bug

A LOOPHOLE in Google Chrome exposes users to cyber crooks.

According to a cyber researcher, the browser’s “app mode” can be exploited to hit users with phishing attacks.

Hackers exploit a vulnerability in Google Chrome's app mode


Hackers exploit a vulnerability in Google Chrome’s app modePhoto credit: Getty

The feature removes websites so you can view them as apps and removes the address bar, toolbars, and other familiar elements.

It’s a useful way to display a clean, minimal interface for sites like YouTube — but hackers have found a way to exploit it.

This is because it can be used to generate a realistic looking login screen, which is actually a fake website operated by crooks.

The loophole was discovered by well-known cybersecurity researcher mr.d0x, who shared his finding in a recent article blog entry.

Google Urgent Android Warning Means Millions Must Act Now
Million refunds owed from Google after app shutdown - how to claim them

He showed that an attacker could easily send a user a message containing a link that launches a phishing website in app mode.

Since it opens in app mode, the user only sees what appears to be a login for a popular app like Facebook or Instagram.

Clearly, if the same link were opened in the regular version of Chrome, the user would see the address bar with a suspicious URL.

Attackers could therefore use the vulnerability to easily disguise their phishing websites as legitimate ones.

Users falling for the trick would inadvertently reveal their social media account logins or possibly their online banking credentials.

According to mr.d0x, the most likely way to launch such an attack would be via Windows shortcut files (.LNK).

Besides Google Chrome, App mode is available in all Chromium-based browsers, including Microsoft Edge.

The Sun reached out to Google for comment.

Phishing attacks lure victims to a website that appears to be operated by a trusted entity, such as B. a bank, a social media platform or another service.

However, the website is fake with fake content that aims to give a false sense of security to a victim.

The fake website may ask the victim to enter sensitive information like a password or email address.

Alternatively, it could encourage the user to download a seemingly harmless app that installs malware on their device.

Be suspicious of text messages or emails sent to you from unknown numbers or addresses.

Important: Do not click a link or download an attachment sent to you by someone you do not know.

If you think you have been the victim of a scam, you should contact your bank immediately to stop all outgoing payments.

You should also ask your bank to look into a possible refund.

Construction workers have heated our flooded house to 50°C and cooked our goldfish to death
Expert warns that pulling blinds down at night is wrong and poses a safety hazard

If you shared a password for an online account, call the organization and have the account suspended. You may be able to re-enable it at a later date.

In the UK you can report a suspected fraudulent email to the National Cyber ​​Security Centre here.

We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at tech@the-sun.co.uk

https://www.thesun.ie/tech/9515431/warning-millions-google-chrome-users-mistake/ Urgent warning to millions of Google Chrome users about a simple but dangerous bug

Fry Electronics Team

Fry Electronics.com is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@fry-electronics.com. The content will be deleted within 24 hours.

Related Articles

Back to top button