A new security vulnerability in the Android versions of Google Chrome and Mozilla Firefox allow malicious users to “spoof” Internet addresses and thereby impersonating legitimate websites. The exploit relies on a parsing error of Arabic characters.
The Two Most Popular Browsers on Android Are Affected
The issue was identified by the security researcher Rafay Baloch. The two mobile web browsers mishandled the way right-to-left text is rendered. The security issue is apparent when a URL that contains that Arabic character “|” the host and path of the URL are reversed.
This bug can be used by malicious users for spoofing attempts, generally with providing the long address of malicious sites. Google Chrome demonstrated the vulnerability when exposed to the IP address containing the Arabic character. Mozilla Firefox, on the other hand, only needed the Arabic character to execute the flip of the host and path.
Spoofing attacks are usually carried with computer viruses or other criminal software and are a formidable tactic used by malicious users. Social engineering can be used against unsuspecting users with the intent of stealing personal data or impersonating legitimate websites. Notable examples include counterfeit payment sites, famous banks, and other frequently visited online services. Attacks such as this one can also utilize false security insignia to fool the user into believing that a secure connection has been established.
Rafay Baloch stated that a desktop browser is affected by the issue as well, but its developers are actively working on a patch to fix the exploit. The Mozilla Firefox security team has reviewed the issue in their advisory and report that it does not affect the desktop version of the browser.
The Android versions of both browser software have fixed the vulnerability in the latest update. Users are encouraged to use only the latest versions to protect themselves from spoofing attempts.
