DuckDuckGo Android Browser Vulnerable to URL Spoofing Attacks (May 28, 2019)
Security researcher Dhiraj Mishra has identified a security flaw in the Android mobile browser version of the “DuckDuckGo” search engine. The vulnerability, registered as “CVE-2019-12329”, can allow threat actors to spoof the address bar. By changing the URL in the address bar, attackers can trick users into believing they are on a trusted website while they are being redirected to malicious websites, such as phishing sites or websites containing malware. These attacks are particularly dangerous as they are much more difficult for users to detect.
Recommendation: URL spoofing attacks are difficult to detect, and this story serves as a reminder that users should always be cautious when clicking on links that direct to what appears to be a legitimate website. Searching for the official website can be a good mitigation step to help avoid URL spoofing.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.