Google blocks Unicode phishing URLs that could spoof Apple.com in Chrome

Google has rushed out a fix in Chrome 58, released yesterday, for what it calls an Internationalized Domain Name (IDN) homographic attack that used Cyrillic characters that look identical to Latin characters.

Web developer Xudong Zheng demonstrated the issue in Chrome 57 and Firefox 52 by registering the domain xn--80ak6aa92e.com, which appeared in both browsers’ address bars as apple.com. Security firm Wordfence also registered the domain xn--e1awd7f.com, which looks like epic.com. Phishing attackers could have used this to spam users with bogus links to Apple's website, with a high chance that recipients would view the site in Chrome.

The attack makes use of the punycode system for representing non-Latin characters in ASCII encoding. The system itself supports web users of non-Latin languages by allowing people to register domains using A-Z characters and have the browser display the domain to local users in, say, Chinese or other scripts. As Zheng pointed out, the domain "xn--s7y.co" is equivalent to "短.co".
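The following Python snippet is an added illustration, not Chrome's code or anything from the article: it decodes the ACE ("xn--") labels quoted above with Python's punycode codec and flags a label made entirely of Cyrillic letters that impersonate Latin ones, a simplified form of the whole-script-confusable rule browsers apply; the lookalike table is a constructed subset of Unicode's confusables.

```python
import unicodedata
from typing import Optional

# Cyrillic letters whose glyphs are near-indistinguishable from Latin letters in
# common fonts (constructed subset for this example; a production check should
# use the full Unicode confusables.txt data).
CYRILLIC_LATIN_LOOKALIKES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0443": "y", "\u0445": "x", "\u0455": "s", "\u0456": "i", "\u0458": "j",
    "\u04bb": "h", "\u04cf": "l", "\u0501": "d", "\u051b": "q", "\u051d": "w",
}

def decode_label(label: str) -> str:
    """Return the Unicode form of one hostname label ('xn--...' or plain ASCII)."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def scripts(text: str) -> set:
    """Script names of the characters in text, taken from their Unicode names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in text}

def latin_lookalike(label: str) -> Optional[str]:
    """If every character of a decoded label is a Cyrillic Latin-lookalike,
    return the Latin string it impersonates; otherwise return None."""
    uni = decode_label(label)
    if uni == label:
        return None  # plain ASCII label, nothing to spoof
    if scripts(uni) != {"CYRILLIC"}:
        return None  # mixed-script or non-Cyrillic labels need a different policy
    try:
        return "".join(CYRILLIC_LATIN_LOOKALIKES[ch] for ch in uni)
    except KeyError:
        return None  # at least one letter has no Latin twin, so it reads as foreign

def check_hostname(host: str) -> dict:
    """Decode each label of a hostname and report any Latin-lookalike labels."""
    labels = host.split(".")
    spoofs = {}
    for lab in labels:
        target = latin_lookalike(lab)
        if target:
            spoofs[lab] = target
    return {"decoded": ".".join(decode_label(l) for l in labels), "spoof_of": spoofs}

if __name__ == "__main__":
    for host in ("xn--80ak6aa92e.com", "xn--e1awd7f.com", "xn--s7y.co", "apple.com"):
        print(host, check_hostname(host))
```

A browser or mail gateway applying this rule would show the punycode form (or warn) whenever `spoof_of` is non-empty, while leaving genuinely non-Latin names such as 短.co displayed in their native script.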

Stories by Liam Tung