New issue
Advanced search Search tips

Issue 657493 link

Starred by 2 users
Status: WontFix
Owner: ----
Closed: Oct 2016
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Possible Phishing Exploit

Reported by robertda...@gmail.com, Oct 19 2016 
The Chrome Browser opened a new tab without user input. The new tab contained a suspicious security alert. It also froze the Browser presumably to force the user to click an input on the new page. Chrome was successfully closed using the Windows Task Manager.


The suspicious page link is in attached text file.

 
VERSION
Chrome Version: Version 53.0.2785.143 m
Operating System: Windows 7 Home Premium, Service Pack 1 + all important updates

REPRODUCTION CASE
see above
report_Issue.txt
208 KB View Download

Comment 1 by elawrence@chromium.org, Oct 19 2016 

The attached text file is a data URI (base64 encoded) with a fake malware page; unfortunately, that won't tell us what we need to block the attack site that delivered it.

Notably, in the markup there are a few references to resources hosted by http://asp.nightingalesg.top/, which may or may not be a willing participant in the scam.

Somewhat related to  issue #594215  which would make attacks by data URIs harder.

Comment 2 by mbarbe...@chromium.org, Oct 20 2016

Labels: -Restrict-View-SecurityTeam
Status: WontFix (was: Unconfirmed)
As pointed out in comment 1, I don't think there's anything actionable here.

If you know the site that this was hosted on, you can consider reporting it at https://www.google.com/safebrowsing/report_badware/

Sign in to add a comment