5 matches found
Attackers are using “Sneaky 2FA” to create fake sign-in windows that look real
Attackers have a new trick to steal your username and password: fake browser pop-ups that look exactly like real sign-in windows. These “Browser-in-the-Browser” attacks can fool almost anyone, but a password manager and a few simple habits can keep you safe. Phishing attacks continue to evolve, a...
Exemplifying Emerging Phishing: QR-Based Browser-In-The-Browser (BiTB) Attack
Lately, cybercriminals constantly formulate productive approaches to exploit individuals. This article exemplifies an innovative attack, namely QR-based Browser-in-The-Browser BiTB, using proficiencies of Large Language Model LLM i.e. Google Gemini. The presented attack is a fusion of two emergin...
BITB - Browser In The Browser (BITB) Templates
Browser templates for Browser In The Browser BITB attack. More information: https://mrd0x.com/browser-in-the-browser-phishing-attack/ Usage Each folder has a index.html file which has 4 variables that must be modified: XX-TITLE-XX - The title that shows up for the page e.g. Sign in to your accoun...
Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks
Ghostwriter – a threat actor previously linked with the Belarusian Ministry of Defense – has glommed onto the recently disclosed, nearly invisible “Browser-in-the-Browser” BitB credential-phishing technique in order to continue its ongoing exploitation of the war in Ukraine. In a Wednesday post,...
New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable
A novel phishing technique called browser-in-the-browser BitB attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks. According to penetration tester and security researcher, wh...