Beware of fake websites that look exactly like official ones; know how easily they are made

Hackers are finding new and unique ways to hack your desktop or other devices. And now, a new phishing technique has been found that demonstrates that the Application Mode feature in Chromium-based web browsers namely Google Chrome and Microsoft Edge, can be abused to create realistic desktop phishing applications. Informing about the same mrd0x.com said in a blog post. “In this blog post I show how Chromium’s application mode allows us to easily create realistic desktop phishing applications.”

The blog post further informed that the Chromium-based browsers support the app command line flag. This flag will launch a website in application mode which does several things, which are mentioned below:

1. Causes the site to be launched in a separate browser window

2. The launched window is given a desktop application appearance rather than a browser appearance

3. The Windows Taskbar displays the website’s favicon rather than the browser’s icon

4. Launches the website while hiding the address bar.

“We can see the Windows Taskbar is displaying the site’s favicon as the icon,” the blog post read.

mrd0x.com further said, “Since application mode hides the address bar, it’s up to us now to create the fake address bar. I used the address bar HTML/CSS from my BITB repo (it’s signatured so avoid using it in a real engagement) and included it at the top of my site. The Windows Taskbar will display the website’s icon and since I changed mine to Microsoft’s logo, the taskbar will now reflect that.”

While coming to external or internal phishing, the blog post explained, “Although this technique is meant more towards internal phishing, you can technically still use it in an external phishing scenario. You can deliver these fake applications independently as files. Assuming that you’ve setup your phishing page with a fake address bar at the top, simply set the –app parameter to point to your phishing site.”

It also informed that with this method you can create a website that impersonates that software’s appearance. “You can impersonate Windows login prompts, VPN software, backup software and pretty much anything if you have basic HTML/CSS skills,” the blog post read.

On top of that, the phishing site can make use of JavaScript to take more actions, like closing the window immediately after the user performs an action. It can also be noted that the Chromium application mode works on other operating systems as well.