silversurfer

Level 47
Content Creator
Trusted
Malware Hunter
Verified
Google announced today a security update for the Google user login system that the company hopes will improve its overall security protections against MitM-based phishing attacks.

According to Jonathan Skelker, Product Manager and Account Security for Google, the company plans to block any user login attempts initiated from an embedded browser framework technology.
This includes any logins attempted from tools like the Chromium Embedded Framework (CEF), XULRunner, and others.

EMBEDDED BROWSERS FRAMEWORKS ABUSED FOR MITM PHISHING
Over the past year, cyber-criminals have been using these tools as part of man-in-the-middle (MitM) attacks.

Crooks that manage to place themselves in a position to intercept the user's web traffic for the Google login page will often use an embedded browser framework to automate the login operation.

The user enters their Google login credentials on a phishing page, and then the crooks operating the page use an embedded browser framework to automate the login operation on the real Google server.

They use this technique to bypass two-factor authentication systems, and embedded browser frameworks are usually the component that interacts with Google servers on the cyber-criminal's behalf.

GOOGLE CAN'T TELL EMBEDDED BROWSERS FROM REAL USERS
"Because we can't differentiate between a legitimate sign in and a MITM attack on these platforms, we will be blocking sign-ins from embedded browser frameworks starting in June," Skelker said.
This is just Google's latest security update the company has rolled out for its user login system.