Echo JS 0.11.0

Draw Chrome browser UI with HTML, JS and CSS

at medium.com

3 up and 0 down, posted by pd4d10 2480 days ago 2 comments

peterc 2480 days ago. link 1 point ▲ ▼

Now imagine someone malicious drawing a pixel perfect Chrome browser that someone thinks is a normal browser, browses to their "bank" site, and enters credentials. Oops. I'm not even sure how you could protect against an attack like that..

sylvainpv 2479 days ago. link 1 point ▲ ▼

I have bad news for you. Phishing attacks do not even need a fake browser UI. Even if XFS attacks are almost all fixed today, you don't need an iframe: there are fake versions of thousands of websites out there, and some tools can automate this faking process while adapting to user language, OS, etc.