From the department of things that aren't what they seem, researchers have demonstrated a new address-spoofing exploit that tricks Safari users into thinking they're visiting one site when in fact the Apple-made browser is connected to an entirely different address.
The recently published proof-of-concept exploit causes the Safari address bar to display dailymail.co.uk even though the browser is displaying content from deusen.co.uk. It works on fully patched versions of iOS and OS X. Malicious attackers might use the bug to dupe Safari users into thinking they're connecting to a trusted site instead of one that's phishing their login credentials or attempting to install malware.
The demo code isn't perfect. On the iPad Mini Ars tested, the address bar periodically refreshed the address as the page appeared to reload. The behavior might tip off more savvy users that something is amiss. Still, many users would surely fail to spot the unusual refresh. What's more, the refresh behavior wasn't observed on a MacBook Pro Ars also tested.
Read 2 remaining paragraphs | Comments