These days, a new vulnerability in Edge and Safari browser has been identified that allows cyber hackers to take control of content that displayed on address bar named Address Bar Spoofing. This vulnerability is regarding as the most harmful and popular type of Website spoofing. However, the Microsoft has solved and fixed this issue while Apple is still on working process which as a result the Apple users are in the risk to being a victim of such a cyber attack.
Know Who Discovered Address Bar Spoofing Vulnerability
Such a vulnerability is identified by the most popular Pakistan based security researcher named Rafay Balock. In past years, he has identified various address bar spoofing flaws and SOP bypass but recently, he reported about the another spoofing bug that mainly affects Safari and Edge. After noticing such a bug, he immediately informed to Microsoft and Apple companies. While he microsoft gas responded with a patch on Edge on the August 14, 2018 as a part of their security update while Apple didn’t deliver any patch until now.
Vulnerability has been given tracking id, CVE-2018-8383. To exploit such a vulnerability attacks tricks victim onto those site which is specially designed for it and that can be achieved easily. Apple are delaying this patch that may have left on Safari. This type of vulnerable is capable to allow hackers to impersonated webpages in address bar with the complete authentication marks.
Detailed Information of Spoofing Process
Spoofing has a specific operating principle that allows the cyber attacker to load the legitimate site directly in URL section and replace harmless address with the malicious or even virus related site. According to the security analysts, hackers usually load legitimate webpages and re-write body code to the malicious one without modifying URL. This way, hackers easily produces the fake login screens from social site including Gmail, Facebook, Twitter and many more which allow them to steal users several crucial data.
Harmful Traits of Address Bar Spoofing Vulnerability
Address Bar Spoofing vulnerability is very harmful and dangerous for the affected machine due to which users have to suffer with lots of negative traits. Some of the most common problems are listed below :
- Leads affected users to hacker controlled webpage.
- Delivers a malicious element and add it to start-up section to launch it each time while accessing the files.
- Uses a spoof code to trick users into visiting the ad-infected webpages.
- Bombards users screen with endless pop-up ads and links on users screen.
- Takes advantage of available System resources to carry out the complex calculations.
- Highly consumes resources and makes targeted machine too much slower than before.