Web browser app mode can be abused to make desktop phishing pages


Level 78
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
A new phishing technique using Chrome's Application Mode feature allows threat actors to display local login forms that appear as desktop applications, making it easier to steal credentials.

The Application Mode feature is available in all Chromium-based browsers, including Google Chrome, Microsoft Edge and the Brave Browser. It can generate realistic-looking login screens that are hard to differentiate from a legitimate login prompt.

Because desktop applications are generally harder to spoof, users are less likely to treat them with the same caution they reserve for browser windows that are more widely abused for phishing.

The potential for using Chrome's app mode in phishing attacks was demonstrated by researcher mr.d0x, who also devised "Browser-in-the-Browser" attacks earlier in the year. Multiple threat actors later used the BiTB technique in phishing attacks to steal credentials.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.