This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New phishing ware in Google-Chrome-Browser (Linux)

Carl-Valentin Schmitt over 5 years ago

Here is Solus Linux 4.0 with Google-Chrome-Browser as version 73.0.3683.75 (Official Build) (64-bit).

It seems that the phishing ware is only in Chrome-Browser active ( NOT in firefox) as follows :

At http://viabuy.de

Then click into right corner above on Login.

In Login window there is is right corner above - a menue active for languages - but this is not normal.

Password and Login fails always. The menue with Languages as choosing options should not be there.

This is not visible in Firefox - so files of Google-Chrome-Browser are somewhere infected ?

sophos-AV-scanner finds nothing ?!

This thread was automatically locked due to age.

0 Gowtham Mani over 5 years ago

Hi Carl-Valentin Schmitt

This might be due to the way the site is designed or compatibility with the browser in the specific version on Linux distribution. Unless a malicious file is dropped on, Sophos AV will not take any action on the site in this case.

Regards,

Gowtham Mani
Community Support Engineer | Sophos Technical Support
Knowledge Base | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'This helped me' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 Carl-Valentin Schmitt over 5 years ago in reply to Gowtham Mani

But by this menue with languages at viabuy.com - there was not possible to login ?!

This is not normal ?!

I dont know if this is an issue of html-form or similiar ?!

This happens only with chrome - but not with firefox.
Cancel
Vote Up 0 Vote Down

Cancel
0 Gowtham Mani over 5 years ago in reply to Carl-Valentin Schmitt

Hi Carl-Valentin Schmitt

Could be something to do with the browser. Have you tried them on another operating system with the same set of browsers?

Regards,

Gowtham Mani
Community Support Engineer | Sophos Technical Support
Knowledge Base | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'This helped me' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 Badrobot over 4 years ago in reply to Carl-Valentin Schmitt

Different browsers can yield different results, I know many users that still use internet explorer because it will support insecure plugins for software they love to use, what you have to think of is if it is not in Firefox but in Chrome then what is the commonality-

Chrome is capable of showing the difference (Chrome is working correctly).

Chrome is incapable of showing the difference (Chrome is not working correctly and what u see is a bi-product).

Firefox is capable of showing the difference but is secure enough not too (unlikely but possible).

Firefox is incapable of showing the difference.

No matter the result of which browser shows you what you need to focus on the constant which is the webpage, if no content is downloaded to the device Sophos has nothing to scan, which leaves the web content filter and how that is setup to protect your users. Training is actually more critical in preventing phishing attacks then automation. If all this fails you can also always report any new webpage, files or other material to-

Sophos: https://secure2.sophos.com/en-us/support/submit-a-sample.aspx

Google: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

Firefox: https://www.trishtech.com/2017/08/how-to-report-malicious-sites-in-firefox/

Respectfully,

Badrobot
Cancel
Vote Up 0 Vote Down

Cancel