What is a Browser in the Browser attack, often referred to as a BitB hack?

We have described several phishing strategies here in our IP Address Guide, and today we would like to show you one of the newest methods used by hackers to steal your data and login credentials. This method is referred to as a Browser in the Browser attack and it is making you believe that a new browser window has been opened when in reality you are still in the same window.

The best way to protect yourself against a Browser in the Browser attack is to not visit questionable websites at all. How come? A Browser in the Browser attack only exists as a danger when you visit sites with evil intentions. As a result, using a VPN with a malware-protection included like NordVPN, or activating other similar tools might keep you safe from such sites.

browser in the browser attack

What is a Browser in the Browser attack? How does it work?

When you visit online stores, forums, and streaming services, you will often be required to register an account in order to place an order or access certain content. To make life easier, it is often possible to use your existing Facebook account, Google account, or Microsoft account to create a user on such sites. This is something we are used to and this is taken advantage of by the hackers using the Browser in the Browser attack.

The first requirement is that you visit a website operated by hackers. They will do their uttermost to make it look legitimate because the goal is to make you register an account in order to proceed with some sort of action.

As you decide to register an account, you will be asked whether you want to use your Google, Facebook, or Twitter to register your account. Normally you will see a pop-up window that takes you to Google, Facebook, or Twitter, and after logging in, you will allow the action to take place (registering your new account).

But, when you fall victim to the browser in the browser attack you will not be sent to the real websites of Google, Facebook, or Twitter. Instead, the hackers will create something that looks like a pop-up in your browser, but it really is a script running on the website you are currently visiting. All text, images, and even the website address will look real in the look-a-like pop-up window. This makes it very easy to be tricked. If you type in your account credentials for Twitter, Facebook, Google, or some other service, the data is immediately sent to the hackers. That is bad news for you!

How to protect yourself against a Browser in the Browser attack?

The best advice is always to be careful and to be proactive. Install a good antivirus program today, have a good malware scanner, and protect yourself against malware-infected sites. But, great programs will not always be able to protect us against human stupidity. That is why we should always be careful with the websites we visit and what we download and which links we click. Most of us will never even get to the website using the browser in the browser attack, simply because we never visit it in the first place.

Unfortunately, many get to such websites because they want to watch a free live stream of a Premier League match. They get to a junk site and there they are forced to register an account in order to watch the live stream. They click the link and try to register a new account with their social media credentials. Game Over! Be careful!

A Password Manager will protect you!

Another piece of protection is to use a password manager. You might wonder how that can help you?

When you use a password manager, your credentials are connected to a certain website. For example, you will only be suggested your Google credentials as you visit www.google.com, www.gmail.com, or similar sites.

As you visit a site that tries to steal your Google account details using the browser in the browser trick, the password manager will never suggest the password because the website address is wrong. The password manager will immediately know that you are at a different address and it will not suggest your Google credentials. At first, you might not understand why, but then you will hopefully see the danger ahead and leave the website quickly as the evil intentions of the website owners are revealed to you.

2FA will also help you!

If you use 2-factor authentication you will also be one step ahead of the intruders. Even though you give them your Facebook credentials, they will still need your 2FA code, and this is something they do not have. In other words, adding a second layer of protection is always smart. You can also do this by using tools such as a YubiKey.

bitb hackers

These are just some thoughts about the browser in the browser attack. I hope you have found it useful. If you have comments, questions, or a personal experience that you would like to share, please use the comment field below.

Leave a Reply