December 5, 2022

TheCyberThrone

Thinking Security ! Always

Homograph Attack Warning

Researchers have delivered an urgent warning to Microsoft Office users about homograph attacks, that results in data breach

Homograph attacks misuse similar-looking characters to deceive users. The difference is slight, but the potential of these attacks increases when they are based on international domain names (IDN).

Advertisements

In a disturbing discovery, researchers found that all Microsoft Office applications are unprotected against such attacks. The attacks tend to exploit the globalization of the internet. All web domains used the Latin alphabet, which consisted of 26 characters.

The internet has now expanded to include more characters that include the Cyrillic alphabet. This allowed hackers to combine different characters and create phishing sites with URLs that look very similar to the authentic website.

Users may not be able to tell the difference until the site is opened in their browser. In some cases, as users land on these malicious websites, it triggers a malware download.

This homograph attack is not easy to carry out, and is unlikely to be used at scale. But the vulnerability can be abused as a highly potent weapon for targeted attacks, like state-sponsored cyber attackers targeting certain high-value companies to hack their passwords and other sensitive data.

Advertisements

This issue was reported to Microsoft during October 2021, but it yet to receive the patch.

Bit Defender security term worked on this research.

%d bloggers like this: