
File Archiver In The Browser

This article explores a phishing technique that emulates file archiver software in the browser while using a .zip domain.

Last week Google released several new top-level domains (TLDs), including .dad, .phd, .mov and .zip. Many members of the security community began posting about their concerns with TLDs that can be mistaken for file extensions, specifically .mov and .zip. The intention of this article isn’t to discuss my opinion on the topic; instead, I’ll be showcasing how it can be used to enhance phishing engagements.

With this phishing attack, you simulate file archiver software (e.g. WinRAR) in the browser and use a .zip domain to make it appear more legitimate.
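
A defender-side check for the file-extension confusion described above, added here as an example and not part of the original article: it scans message text for links to .zip or .mov domains and for bare file names that would resolve as such domains, while ignoring ordinary URLs whose path merely ends in .zip. The function names and the sample text are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# TLDs named in this article that double as common file extensions.
FILE_LIKE_TLDS = {"zip", "mov"}

# Explicit http(s) URLs first, then bare dotted tokens such as "setup.zip".
TOKEN_RE = re.compile(r"https?://[^\s<>\"']+|\b[a-z0-9-]+(?:\.[a-z0-9-]+)+\b", re.I)

def classify(token):
    """Return (host, reason) when the token's host sits under a file-like TLD."""
    token = token.rstrip(".,;:!?)")  # drop sentence punctuation glued to the token
    explicit = token.lower().startswith(("http://", "https://"))
    try:
        parts = urlsplit(token if explicit else "//" + token)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:  # malformed authority, e.g. unbalanced brackets
        return None
    labels = host.split(".")
    if len(labels) < 2 or labels[-1] not in FILE_LIKE_TLDS:
        return None
    if explicit:
        return host, "link to a domain under a file-extension TLD"
    return host, "bare file name that a client may auto-link as a domain"

def scan(text):
    """Return (matched_text, host, reason) for every suspicious token in text."""
    findings = []
    for match in TOKEN_RE.finditer(text):
        hit = classify(match.group(0))
        if hit:
            findings.append((match.group(0),) + hit)
    return findings

# Constructed sample message body (not real traffic).
SAMPLE = """Your invoice is at https://invoice-2023.zip/view
Download from https://example.com/files/report.zip instead.
See holiday.mov and notes.txt, built with tool 1.2.3"""

if __name__ == "__main__":
    for matched, host, reason in scan(SAMPLE):
        print(f"{matched!r}: host={host} ({reason})")
```

Only the host decides the verdict, so the legitimate download link on example.com passes while the look-alike domain and the bare `holiday.mov` token are reported for review.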