Browser extension tool SingleFile leveraged to copy malicious login pages in a new phishing attack

guest · Apr 6, 2019

Browser extension tool SingleFile leveraged to copy malicious login pages in a new phishing attack
April 5, 2019
https://cyware.com/news/browser-ext...login-pages-in-a-new-phishing-attack-6640dac2

Cybercriminals have been found using the legitimate browser extension tool SingleFile as a part of their latest phishing campaign. The web extension is used as the obfuscation method to avoid detection.
What is SingleFile - SingleFiles is an extension available for Google Chrome and Mozilla Firefox. It allows users to save a webpage as a single HTML file. The extension streamlines the process of saving web pages, required files and all, on a single HTML document.

How is it exploited by attackers - According to Trend Micro researchers, the cybercriminals are using SingleFiles to copy the login pages of legitimate pages, which in turn can later to used to steal users’ credentials.

Citing the effectiveness of using SingleFile as an attack tool, researchers said, “unlike other obfuscation methods such as 'document.write(unescape(' which uses JavaScript, the generated phishing page hides the login form HTML code and the JavaScript used by the original login page from static detection tools.”
Click to expand...

Rasheed187 · Apr 13, 2019

Sounds like a handy extension. But this used to be standard feature in the Opera Presto browser, weird that you can not save full websites anymore. Chrome, Edge, Firefox and Opera don't offer this.

Log in or Sign up

Browser extension tool SingleFile leveraged to copy malicious login pages in a new phishing attack

guest Guest

Rasheed187 Registered Member

Log in or Sign up

Browser extension tool SingleFile leveraged to copy malicious login pages in a new phishing attack

guest Guest

Rasheed187 Registered Member

Useful Searches