A security vulnerability in Google Chrome browser reportedly allows malicious users to launch a phishing attack using a fake address bar. The bug, discovered by James Fischer, leverages how the Chrome mobile app disappears the address bar when you scroll down.
The exploit, as Fischer calls ‘The Inception Bar’ method, can be used to display a fake address bar that won’t disappear until you go to another site, Engadget reports. The exploit goes further to restrict you from seeing the real address bar when you scroll up. Although Fisher has demonstrated a proof of concept, the bug could theoretically allow large-scale phishing campaign to steal user information.
In related Chrome-related developments, Chrome 74 is now rolling out to Apple iOS, Google Chrome, and Microsoft Windows desktop platform across the world. This browser comes with the dark mode to the Chrome user interface (UI).
However, the new enhancement is applicable to only a small community of Windows 10 user as of now.
“The Chrome team is delighted to announce the promotion of Chrome 74 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 74.0.3729.108 contains a number of fixes and improvements,” said Google in an official blog post.
“Don't really know what can go wrong on the web? You don't have to. Chrome automatically protects you from security issues like phishing and dangerous sites” added Google.
In case you wish to download Chrome for Windows and check if you are amongst those who could check out dark mode for the Chrome UI, then click here to download Chrome 74 manually now.
Rollout of dark mode to Chrome 74 could also be a phased one, hence, you need not yet disappointed if the feature has not reached you yet. This could come to the fore real quickly or maybe in the near future in 2019. Hence, keep your eyes and ears open always.
(with inputs from ANI).