A cybersecurity researcher has unveiled a sophisticated phishing method that bypasses even multi-factor authentication.
Munich - It happens almost every day: data protection violations, attacks with Trojans or phishing that pose a risk to sensitive data.
Warnings about scammers and stolen credentials are no longer uncommon.
But the other side is also active and is constantly bringing new tools so that people can protect themselves from cyber attacks.
For example, the introduction of multi-factor authentication (MFA).
This makes it generally more difficult for criminals to steal and use login credentials.
Unless scammers had access to their victims' MFA passwords or security keys.
New phishing method uses Microsoft Edge WebView2 applications
Cybersecurity researcher mr.d0x has presented a new phishing method that makes Microsoft Edge WebView2 applications an accomplice.
This is how you can steal a user's authentication cookies, writes
BleepingComputer.com.
It is a sophisticated phishing method that targets Windows users.
In general, the use of multi-factor authentication (MFA) makes access to sensitive data more difficult, but if this hurdle is overcome, an attack from the outside is relatively easy.
Stay up to date on consumer information and product recalls with our brand new consumer newsletter.
The “WebView2 Cookie Stealer”
The new social engineering attack is called the WebView2 cookie stealer and consists of an executable WebView2 file.
The launches the login form of a legitimate website within the application.
With the technology, applications could load any site into a native application and display it as if it were open in Microsoft Edge.
WebView2 also makes it possible to access cookies directly and inject JavaScript into the web page loaded by an application.
According to
winfuture.de
, this makes it an excellent tool for logging keystrokes and stealing authentication cookies.
Cyber specialist Mr.d0x has demonstrated a proof-of-concept program that mimics the legitimate Microsoft login form using the embedded WebView2 control and snoops on relevant login data.
Stolen data - this is how the Windows clientele can protect itself
The exploitability of the vulnerability is limited because the victims first have to load an executable program with which the hacker then starts access, writes
winfuture.de
.
However, such an attack can happen unnoticed, for example through e-mail attachments, random downloads from the Internet, cracks and warez or game cheats.
If you want to protect yourself, you should not open any e-mail attachments from unknown addresses or download links from users.
A click on the sender address shows whether the sender is known or not.
You should never respond to suspicious messages anyway.
Apart from the ever new phishing scams among private individuals, the industry association Bitkom advises companies in Germany to significantly expand their protective measures against cyber attacks in view of the war in Ukraine.
New phishing method - that's what Microsoft says
"This social engineering technique requires an attacker to convince a user to download and run a malicious application," Microsoft told
BleepingComputer.com
in a statement.
Microsoft advises: "We encourage users to practice safe computing habits, avoid running or installing applications from unknown or untrusted sources, and keep Microsoft Defender (or other anti-malware software) up to date".
