Bug allows address spoofing in Edge and Safari browsers

By Brezanne Lee on October 18, 2018

Safari and Edge logos
Image Source: https://www.2-spyware.com/safari-and-edge-browsers-infected-by-a-spoofing-bug

A vulnerability that allows hackers to spoof the URL in the address bar was discovered last month and has been found to affect Edge and Safari browsers. The bug allows a hacker to replace a legitimate site address with a spoofed address. While the page is loading, JavaScript can be used to briefly switch to the URL containing the malicious code and then quickly change back. The legitimate URL remains in the address bar, while the content from the spoofed site is loaded into the browser. This could allow hackers to mirror a legitimate website, steal visitors' information and harvest credentials, all without the user knowing it is a malicious site, since the URL in the address bar is still a legitimate site address. It can take phishing and spear phishing emails to another level.

The vulnerability was found several months ago, and CVE-2018-8383 was published last month. The bug has since been patched in Edge browsers by Microsoft; Apple, however, still has not released a patch for the vulnerability. The bug, which looks to be caused by not properly parsing HTTP content, did not affect Chrome or Firefox browsers.

Vulnerabilities such as this show that we can no longer rely on double-checking the address bar URL to keep us safe from malicious websites, as we have been conditioned to do. The best thing to do is to avoid clicking on questionable links, type in the URL yourself or use a search engine instead, and always keep your browser and operating system up to date with the latest patches.

 

Sources

Apple Insider: https://appleinsider.com/articles/18/09/11/safari-for-ios-url-spoofing-exploit-discovered-with-no-documented-fix

TheRegister.co.uk: https://www.theregister.co.uk/2018/09/11/safari_edge_spoofing/

Threatpost: https://threatpost.com/apple-yet-to-patch-safari-browser-address-bar-spoofing-flaw/137395/

2-spyware: https://www.2-spyware.com/safari-and-edge-browsers-infected-by-a-spoofing-bug