New Phishing Attack Uses Browser-in-the-Browser Technique to Target Gamers

A sophisticated phishing campaign has been uncovered by Silent Push threat analysts, employing the browser-in-the-browser (BitB) technique to target gamers, particularly those playing Counter-Strike 2 on the Steam platform.

This campaign involves creating fake but realistic browser pop-up windows that mimic legitimate login pages, aiming to deceive users into divulging their Steam account credentials.

Example of a website selling Steam accounts with pricing

The attackers are exploiting the brand and identity of the professional eSports team Navi to enhance the credibility of their phishing sites.

Technical Details of the Attack

The BitB attacks are designed to appear as legitimate browser pop-ups, complete with a URL bar that displays the address of the real website, in this case, Steam.

However, these pop-ups are not actual browser windows and cannot be moved or resized outside the main browser frame.

According to the report, this is a key indicator that can help users identify such phishing attempts.
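
Because the BitB "window" is ordinary page content, its address bar appears as text inside the lure page's own HTML. The Python triage heuristic below is an added example, not code from Silent Push or its report; it flags a fetched page that prints a Steam hostname in visible text while being served from a different host. The `PROTECTED_HOSTS` list, the function names and the sample HTML are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hostnames that should only appear in a real address bar at Steam sign-in.
PROTECTED_HOSTS = ("steamcommunity.com", "store.steampowered.com")

# Constructed sample: a lure page that draws its own "window" and URL bar in HTML.
SAMPLE_HTML = """<div class="win"><div class="bar">https://steamcommunity.com/login</div>
<form><input name="u"><input type="password" name="p"></form></div>
<script>var x = "store.steampowered.com";</script>"""

class _Scan(HTMLParser):
    """Collects visible text and records whether a password field exists."""
    def __init__(self):
        super().__init__()
        self.text, self.has_password, self._skip = [], False, 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1
        if tag == "input" and (dict(attrs).get("type") or "").lower() == "password":
            self.has_password = True

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip and data.strip():
            self.text.append(data.strip().lower())

def _same_site(host, protected):
    return host == protected or host.endswith("." + protected)

def bitb_indicators(page_url, html):
    """Return heuristic findings for one fetched page; an empty list means none."""
    host = (urlsplit(page_url).hostname or "").lower()
    if any(_same_site(host, p) for p in PROTECTED_HOSTS):
        return []  # the genuine site may legitimately print its own hostname
    scan = _Scan()
    scan.feed(html)
    findings = []
    drawn = sorted({p for p in PROTECTED_HOSTS for t in scan.text if p in t})
    if drawn:
        findings.append("page text imitates an address bar for: " + ", ".join(drawn))
        if scan.has_password:
            findings.append("password field in the same document as the imitated address")
    return findings
```

Pages that merely mention a Steam URL in their text will also match the first finding; the password-field finding narrows the result to pages that collect credentials in the same document.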

The attackers have also been promoting their scam domains on platforms like YouTube, further expanding their reach.

The campaign includes websites in English and one in Mandarin, indicating a broad target audience.

Example of the Chinese phishing website in Mandarin with English wording

Impact and Mitigation

The motivation behind targeting Steam accounts is the potential resale value of these accounts, which can contain numerous games and sell for substantial sums.

Websites like playerauctions.com facilitate the sale of such accounts, providing a lucrative market for stolen credentials.

To protect against these attacks, users should be cautious of login pop-ups that cannot be moved or resized.

If a user suspects they have been phished, they should immediately change their account credentials and monitor for any further unauthorized activity.

Silent Push is providing tools and resources to track and mitigate these threats, including a free Community Edition platform that offers advanced threat detection capabilities.

The company is also sharing indicators of future attacks (IOFAs) to help the security community stay ahead of evolving phishing tactics.

As these BitB attacks continue to evolve, it is crucial for gamers and cybersecurity professionals to remain vigilant and adapt their defenses accordingly.
