Popular browsers found vulnerable to IDN-related phishing attack
Apr, 18, 2023
Hi-network.com
Chrome, Firefox and Opera, some among the most popular Internet browsers, appear to be vulnerable to a specific sort of phishing attack, cybersecurity-related websites reported. The vulnerability allows perpetrators to conduct a so-called homograph type of phishing attack, in which a domain name that looks exactly like a legitimate one (such as apple.com, google.com or a domain of a bank for instance) is displayed in users' browsers, yet it is actually a different domain and leads to a fraudulent website. This fraud is possible in browsers which mishandle specific way of encoding (known as "punycode") used to display domains which contain non-Latin script letters (such as Cyrillic, Arabic or Chinese) in order to enable internationalized domain names (IDN) to be used. IDN domains used to trick the users in such way are also legitimate domain names (but used for fraudulent purposes), and can therefore obtain a legitimate SSL certificate, which adds a "https://" security layer which can additionally confuse users to believe the address displayed is the requested one. Technology websites are raising awareness about this issue and suggesting the ways to mitigate the problem in Firefox, while Chrome has released the updated version of its browser. Security professionals, however, fear that the vulnerability may be heavily exploited for cyber-attacks before users around the world upgrade their software.