
Issue 797698


Issue metadata

Status: WontFix
Owner: ----
Closed: Dec 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security




Security: Bug replaces X with full page view functionality on infected pages.

Reported by t.m.byer...@gmail.com, Dec 26 2017

Issue description

Quick Summary: Bug allows infected webpage to remove access to X button on both page tab and the Chrome browser X as well by replacing it with the function of going fullscreen on the browser, thus making it impossible to exit the infected page or close it. I was only able to close Chrome via Ctrl + Alt + Delete and ending the process. I was using incognito mode.



While on Chrome, and visiting https://www.coindesk.com/death-ico-4-2018-predictions/?utm_content=buffer62aaa&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

suddenly my browser in the same window went to a different page with a red background (typical scam type of website). While I typically would immediately exit Chrome (I was browsing incognito) to avoid clicking anything, the bug I experienced was causing the page to go full screen when clicking the X button to exit the page. It did not matter if I used the X on the tab itself or the X on the entire Chrome application to exit; both resulted in going into fullscreen mode of the infected webpage. I have no viruses on my computer; I even did multiple scans following the event to confirm it was a Chrome issue.



 
Components: UI>Browser
Summary: Security: Bug replaces X with full page view functionality on infected pages. (was: Security: Bug replaces X ( exit button on both tab and chrome itself ) with full page view functionality on infected pages.)
In every case of this I've seen, the page has already entered full-screen mode and the "X" button clicked by the user is simply a screenshot provided by the scam site. Clicking the fake X thus does not close the tab. Hitting F11/Escape should exit full-screen mode and allow the tab to be closed normally.

I'm not able to reproduce any badness with this particular URL; it's typically triggered by a malicious advertisement and thus it's not a reliable repro.
Status: WontFix (was: Unconfirmed)
Unfortunately, without additional detail we won't be able to make any progress on this. 

If you're able to reproduce this in the future, please try to get a screenshot of the fake site, ideally in both full-screen and non-fullscreen modes. We can then submit the correct site for blocking by the SafeBrowsing service.
Project Member

Comment 3 by sheriffbot@chromium.org, Apr 5 2018

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
