RAFAY BALOCH is a renown Pakistani hacker who is recognized worldwide by his services
Developers give their heart and soul in creating an application that is secure and powerful when it is released and with all this hassle they sometimes miss some minute flaws in their code that leads to further loopholes and gives a backdoor to malware attacks and spams. So, this is the exact reason why bug bounties exist and how Rafay Baloch is $5000 richer now.
Pakistani hacker, Rafay Baloch has reportedly found a bug that resolves how browsers like Mozilla Firefox and Google Chrome use their Omni box address bars. The hacker received a combined sum of $5000 for the reported flaw.
Rafay Baloch is mainly known for his “ethical” hacking attempts. He apparently found the liability in the process that the browsers, Chrome and Firefox use to render website addresses that might lead the users to be redirected to a phishing website. The hacker allegedly said that such attempts are made to fish out private and financial information of users by tricking them into thinking that they are visiting some credible website and instead they are taken to a spam one which further leads to huge personal and financial loss.
Apparently, all Omnibox browsers can be used to make phishing attempts. These sort of scams are instantiated by creating a fake website with all the same user interface and design patterns as the original website, which are hardly distinguishable and trick users into thinking that they are on the page they wanted, which leads them to willingly giving up their private information to the hands of scammers.
Rafay reports that the flaw existed because of the rendering pattern of certain languages that are displayed from right to left for example: Urdu, Arabic, Hebrew or Persian etc, which sometimes mishandles the displaying of some Unicode characters like (“/”), the forward slash. He also explained his point by giving an example:
The URL 127.0.0.0/ا/http://google.com would display itself as http://google.com/ا/127.0.0.0on the browser. The http://126.96.36.199/%EF%B9%B0/http://google.com/test URL will turn into http://google.com/test/188.8.131.52, which leads users to fall into the phishing trap.
He avoided exposing any technical details of how Google and Firefox plan on fixing the flaws, but he mentioned that variations of such flaw also exist in some other similar browsers as well and according to Rafay, the further releases of Chrome 53 and Firefox 48 will supposedly won’t have this issue.
Previous achievements of Rafay point to no less than he is an epic genius, who has formerly discovered a remote code execution vulnerability in Paypal, which ultimately got him a job from PayPal offering a whopping sum of $10,000 on monthly basis. He also found the Android Stock Browser Address Bar Spoofing which was critical for the current as well as the earlier versions of Android.