Hackers can use different methods to steal passwords and accounts on the Internet. In this article we echo a new threat. It is a Phishing toolkit that any attacker can use to create fake windows in Chrome and thus steal access keys. Basically what they do is create forms to put the credentials and passwords as if it were a legitimate page. The worst thing is that it is very believable.
Fake forms to steal passwords in Chrome
Surely you have ever tried to log in to a web page and you have received a form to enter automatically with Google, Twitter or Facebook. It is a way to save time and not have to register. We simply click, for example, on Google and put our data and that’s it.
This is safe? They basically make use of protocols like OpenID and 0Auth. On paper we can say that this method is reliable. Our data is managed by platforms as important as Google or Facebook. Total security does not exist and there can always be some breach, but in the same way that there could be when logging into any program or online service.
The problem comes when a hacker is able to forge those forms to log in. What they do is create a page in Chrome that pretends to be legitimate and where they are going to give us the opportunity to enter through Facebook, Google and other services. Clicking on any of them will open a new window to put personal data.
These types of windows are very simple. Basically they have the URL (where you will see the name of Google, Facebook or Twitter, to give more security) and the button to log in. This is exactly what hackers do: fake a window in Chrome in such a way that it seems real, with the URL to that type of service and everything very real.
What they do is create a fake browser window, inside real browser windows. This is what is known as a BitB attack. The result is a Phishing attack in order to steal passwords.
Templates accessible to all
The security researchers behind this indicated that it is about using templates that are very accessible to any attacker. They were created by mr.d0x and he posted them on GitHub. These templates are very customizable, so they adapt to all types of users and also to Chrome’s dark mode.
Without a doubt, this is a major problem, since they are templates that can be used for Chrome and affect the security of many users. It is important to be prepared and avoid attacks of this type that can compromise our accounts when browsing the Internet. You can see an example shown by mr.d0x where a window appears to log in through Facebook. One is false and the other legitimate:
How to be protected and avoid password theft in Chrome? The main thing of all is common sense. You must make sure very well where you are accessing. You should never log in from links that are not trustworthy and do not offer real guarantees. You should also enable two-factor authentication to create an extra layer of security. In addition, it is good to always have security programs and have everything updated.