
Don’t Click Twice—New Chrome, Edge, Safari Hack Attack Warning
A new and highly dangerous hack attack has been discovered that lets hackers bypass clickjacking protections and manipulate user interfaces in a way that can lead to account takeovers on various major platforms. The exploit, known as “double-clickjacking,” requires only that the target double-click on a prompt, during which the attacker switches out benign UI elements for sensitive ones in the blink of an eye.
According to cybersecurity expert Yibelo, this hack attack is particularly concerning because it can bypass existing clickjacking protections and has the potential to impact not just websites but also crypto wallets and smartphones. “Double-clickjacking opens the door to new UI manipulation attacks that bypass all known clickjacking protections,” Yibelo warned.
The attack works by exploiting the event timing between clicks: in the split second between the first and second click of a double-click, the attacker swaps a benign UI element for a sensitive one, so the second click lands on the sensitive element. This means that developers and security teams must be more vigilant about controlling embedded or opener-based windows and monitoring for multi-click patterns.
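One site-side way to act on the click-timing point above, as an added example that is not from the article or from Yibelo's research: a guard that refuses a click on a sensitive button when it arrives right after the page gains focus, or without any earlier pointer or keyboard activity inside the page. The class and function names and the 500 ms threshold are assumptions chosen for illustration.

```javascript
// Added example: timing/gesture guard for a sensitive button.
// QUIET_MS and every name below are hypothetical, chosen for illustration.
const QUIET_MS = 500; // assumed: clicks this soon after the page is shown are refused

class ClickGuard {
  constructor(quietMs = QUIET_MS) {
    this.quietMs = quietMs;
    this.shownAt = null;   // when the page last became focused/visible
    this.gestureAt = null; // last pointer move or key press seen since then
  }
  // Page gained focus or became visible: restart the quiet period.
  pageShown(now) { this.shownAt = now; this.gestureAt = null; }
  // Page lost focus or was hidden: refuse everything until it is shown again.
  pageHidden() { this.shownAt = null; this.gestureAt = null; }
  // Deliberate user activity inside this page (pointer move, key press).
  gesture(now) { if (this.shownAt !== null) this.gestureAt = now; }
  // Decide whether a click at time `now` on a sensitive control is honoured.
  check(now) {
    if (this.shownAt === null) return { allow: false, reason: "page-not-shown" };
    if (now - this.shownAt < this.quietMs) return { allow: false, reason: "too-soon-after-focus" };
    if (this.gestureAt === null) return { allow: false, reason: "no-gesture-in-page" };
    return { allow: true, reason: "ok" };
  }
}

// Browser wiring; call it from page code. Not invoked here, so the block also loads under Node.
function protect(button, guard = new ClickGuard(), clock = () => performance.now()) {
  const shown = () => guard.pageShown(clock());
  window.addEventListener("focus", shown);
  window.addEventListener("blur", () => guard.pageHidden());
  document.addEventListener("visibilitychange", () =>
    document.visibilityState === "visible" ? shown() : guard.pageHidden());
  for (const ev of ["pointermove", "keydown"])
    document.addEventListener(ev, () => guard.gesture(clock()));
  button.addEventListener("click", (e) => {
    const verdict = guard.check(clock());
    if (!verdict.allow) { // swallow the click and leave a trace for monitoring
      e.preventDefault();
      e.stopImmediatePropagation();
      console.warn("sensitive click refused:", verdict.reason);
    }
  }, true);
  if (document.hasFocus() && document.visibilityState === "visible") shown();
  return guard;
}
```

The refusal reasons logged by the click handler can be forwarded to telemetry to watch for the multi-click patterns mentioned above.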
In light of this new threat, cybersecurity professionals are warning users to exercise extreme caution when interacting with prompts in their browsers. “The marginal decreases in ransomware and malware over the past year should not fool people – hackers have simply changed their tactics,” said Spencer Starkey, an executive vice president at SonicWall.
Starkey emphasized that attacks are constantly evolving and adapting to evade detection, making it essential for cybersecurity professionals to remain vigilant and monitor networks for suspicious activity. “The sooner teams can flag a potential issue, the lower the risk of an attack,” he advised.
In the meantime, users should be wary of double-clicking on prompts until in-browser mitigations become available.
Source: www.forbes.com