Home > News content

Google Safe Browsing API has a problem Mobile browser cannot display an attack warning

via:博客园     time:2019/5/25 17:09:19     readed:129


NetEase Technology News May 25, according to ZDNet reports, a research team consisting of Arizona State University scholars and PayPal staff recently announced that from mid-2017 to mid-late 2018, due to Google Safe Browsing API A problem has caused mobile browsers such as Chrome, Firefox, and Safari to fail to display phishing attack warnings.

The researchers said: "We found a huge gap in the protection of top mobile web browsers. Surprisingly, mobile browsers such as Chrome, Safari, and Firefox did not display any blacklist warnings between mid-2017 and the end of 2018, despite security settings that imply blacklist protection. ” However, this issue only affects mobile browsers that use Google Safe Browsing Link Blacklist technology.

The research team has informed Google of the problem, which was fixed at the end of 2018. The researchers said: "After we disclosed this vulnerability, we learned that the inconsistency in the mobile GSB blacklist was due to a transition to a new mobile API designed to optimize data usage, and this API did not end up. The expected effect. ”

This major security breach was discovered in an academic research project called PhishFarm, which was launched in early 2017. During this time, the researchers created and deployed 2,380 phishing pages that mimicked PayPal logins, but instead of measuring the speed at which URLs appeared on the URL blacklist, they focused on deploying phishing with "camouflage technology" Pages, these pages are designed to trick URL blacklisting techniques and then record the time spent on these "disguise" phishing pages entering the "dangerous website" list.

For PhishFarm, the researchers tested a number of URL blacklists, such as Google Safe Browsing, Microsoft Smart Screen, and blacklists managed by US-CERT, Anti-Phishing Working Group, PayPal, PhishTank, Netcraft, WebSense, McAfee, and ESET. In addition, the research team's phishing page uses six camouflage techniques, and researchers say they have seen the use of these phishing tools in the real world.

The researchers said: "We found that simple camouflage technology that represents real-world attacks —— including attacks based on geography, device type or JavaScript, can effectively reduce the likelihood of blacklisting by more than 55%. The detection results for each URL blacklist and masquerading technology vary, but most notably, many phishing attacks are not detected on mobile browsers that use Google Safe Browsing URL blacklists. ”

When the researchers repeated their tests in mid-2018, they got the same results, when they realized that Google's Safe Browsing technology was not as secure on the mobile device as expected. However, the researchers said that the problem was finally resolved by the end of 2018. (small)


China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments