Desktop phishing pages created through app mode in browsers

Threat actors could exploit the Application Mode feature in Chromium-based browsers Google Chorme, Microsoft Edge, and Brave Browser in a new phishing technique involving the creation of local login forms that impersonate desktop applications, reports BleepingComputer. Such an attack could be conducted by convincing targets to execute a Windows shortcut that uses App Mode to trigger a phishing URL, according to security researcher mr.d0x, who was also behind the discovery of "Browser-in-the-Browser" attacks. The installation of Microsoft Edge in Windows 10 and later has only made conducting the new phishing attack easier, said mr.d0x. Attackers could leverage certain commands that would create shortcuts prompting the launch of the malicious applet. Portable HTML files, with the "-app" parameter to the phishing site, could also be leveraged to commence the attack. Threat actors could then perform the BitB technique in the attack, which could also be launched on devices running on Linux and macOS.