DuckDuckGo Android Browser Vulnerable to URL Spoofing Attacks


DuckDuckGo Android Browser Vulnerable to URL Spoofing Attacks (May 28, 2019)

Security researcher Dhiraj Mishra has identified a flaw in the DuckDuckGo browser app for Android, the mobile browser DuckDuckGo ships alongside its search engine. The vulnerability, tracked as CVE-2019-12329, allows a malicious web page to spoof the browser's address bar: the bar displays the URL of a trusted site while the content shown on screen is controlled by the attacker. A user who does what security guidance tells them to do and checks the address bar would therefore believe they are on a legitimate website while actually viewing a phishing page or a page serving malware. Because the visual cue users rely on is precisely the thing being forged, these attacks are much harder to detect than ordinary lookalike-domain phishing.

Recommendation: URL spoofing attacks are difficult to detect, and this story serves as a reminder that users should be cautious when following links that appear to lead to a legitimate website, since on an affected browser the address bar cannot be relied upon to confirm where a link actually landed. Rather than following such a link, users can reach the intended site by typing its address directly or by searching for the official website, and should install browser updates promptly once a fix is available.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.


I remember this vulnerability was earlier reported back in Oct 2018 to DuckDuckGo for address bar spoofing, and their team closed the issue without it being fixed... that's how serious they are about privacy :confused: