Of note, from this window, the address bar, minimize button, maximize button, refresh and back button are all fake and un-clickable, and the user is unable to select and drag to move or resize the window. Once the fake browser window expands into full-screen mode it also appears to have all the same icons and buttons of a legitimate browser as shown in the Fig 2 screenshot below.įig 2: Fake India gov page with a full-screen window
#Istripper full screen themes full
In this mode the scam becomes more difficult for most victims to recognize because normally when we switch the browser in full screen the address bar will disappear but in this case, there is a fake address bar which looks like a normal site in the browser and is very hard to identify as fake. Regardless of whether the victim clicks on the L eave or Cancel button the browser switches to full-screen mode. This type of alert window, shown below in Fig 1 typically pops-up on legitimate websites when a user tries to close a form tab without saving or submitting entered data.įig 1: Initial pop-up alert window before fullscreen The mechanism by which the scam link is delivered to the victims is still unknown, but our research indicates that this may be linked to a landing page pop-up with a common alert that the user is about to leave the current page without saving the changes. The homepage of this scam depicts a notice from the Indian government that due to repeatedly visiting pornographic sites user's browser is blocked and asks users to pay a fine by entering their card details. Attackers then prompt the victim with an extortion demand requiring them to enter a credit card and pay a fine to avoid being arrested by the police. This layered phishing attack appears to be the first of its kind, delivering a pop-up window that states a victim’s browser is blocked due to repeated visits of pornographic websites prohibited by the Government of India. Underlining this trend, the Zscaler ThreatLabz team recently observed a new Browser-in-the Browser (BITB) attack impersonating an Indian government website to deliver a sextortion demand with the threat of releasing sensitive information about victims if they refuse to pay.
#Istripper full screen themes windows
Most commonly, BITB attacks mimic single sign-on (SSO) windows with mostly undetectable fakes of the familiar log-in pop-ups.
Early this year, an unaffiliated security researcher who goes by the handle mrd0x on Twitter, took to the social platform to share key technical details revealing how this technique takes advantage of third-party single sign-on (SSO) targeting brands like Apple, Microsoft, and Google.
Zscaler first observed a phishing campaign using this technique back in February of 2020. In the past year, Browser-in-the Browser (BITB) attacks have emerged as a very effective technique for evading detection and convincing users to hand over credentials. Attackers are always looking for new techniques to bypass security measures and remain undetected by victims. Phishing has been a prominent cyber threat for decades, stealing the spotlight as the most prevalent attack vector for years, but the latest breed of attacks is more sophisticated and complicated to protect against than ever before.
0 kommentar(er)
