![Apple to Avoid EU Fine Over Browser Choice Screen [Report]](https://www.iclarified.com/images/news/96813/96813/96813-640.jpg)
![iOS 18.4 Release Candidate comes bundled with over 50 new changes and features [Video]](https://i0.wp.com/9to5mac.com/wp-content/uploads/sites/6/2025/03/iOS-18.4-Release-Candidate-Visual-Intelligence-Action-Button-iPhone-16e.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
-xl-xl.jpg)
_alon_harel_Alamy.jpg?#)
![[The AI Show Episode 140]: New AGI Warnings, OpenAI Suggests Government Policy, Sam Altman Teases Creative Writing Model, Claude Web Search & Apple’s AI Woes](https://www.marketingaiinstitute.com/hubfs/ep%20140%20cover.png)
![[The AI Show Episode 139]: The Government Knows AGI Is Coming, Superintelligence Strategy, OpenAI’s $20,000 Per Month Agents & Top 100 Gen AI Apps](https://www.marketingaiinstitute.com/hubfs/ep%20139%20cover-2.png)
.png?width=1920&height=1920&fit=bounds&quality=80&format=jpg&auto=webp#)
.png?width=1920&height=1920&fit=bounds&quality=80&format=jpg&auto=webp#)
New Phishing Attack Using Browser-In-The-Browser Technique To Attack Gamers
A sophisticated new phishing campaign has emerged targeting the gaming community, specifically Counter-Strike 2 players, using an advanced technique known as Browser-in-the-Browser (BitB). This attack method creates a convincing fake browser pop-up window that tricks users into entering their Steam credentials, allowing cybercriminals to steal valuable gaming accounts and virtual items. The campaign primarily targets […] The post New Phishing Attack Using Browser-In-The-Browser Technique To Attack Gamers appeared first on Cyber Security News.
A sophisticated new phishing campaign has emerged targeting the gaming community, specifically Counter-Strike 2 players, using an advanced technique known as Browser-in-the-Browser (BitB).
This attack method creates a convincing fake browser pop-up window that tricks users into entering their Steam credentials, allowing cybercriminals to steal valuable gaming accounts and virtual items.
The campaign primarily targets fans of professional esports team Navi (Natus Vincere), luring victims with promises of free in-game items, skins, and cases.
.webp)
Attackers have established multiple phishing domains with names suggesting connections to the popular team, including variations like “caseneos[.]cfd” and “caserevs[.]com”.
These sites are promoted through social media and YouTube videos promising free Counter-Strike 2 skins.
Silent Push researchers noted this attack in March 2025, noting that the phishing operation appears to originate from Chinese threat actors, with some sites displaying content in Mandarin alongside English elements.
The researchers observed hundreds of similar domains using identical templates, suggesting a large-scale, coordinated campaign.
The Browser-in-the-Browser technique represents a particularly deceptive form of phishing.
Unlike traditional phishing that simply mimics website designs, BitB creates a fake browser window within the victim’s legitimate browser.
.webp)
This includes spoofing browser UI elements like the address bar, security padlock icon, and window controls.
When users click on what appears to be a Steam login button, they’re presented with this fake browser window displaying a convincing replica of the Steam login page.
.webp)
Technical Analysis of the BitB Implementation
The technical sophistication of this attack lies in its visual deception.
The fake browser window is actually constructed using HTML and CSS to precisely mimic browser chrome elements.
When examining the attack closely, users would notice the URL in the fake address bar cannot be selected or modified, as it’s merely part of an image or styled HTML elements.
Furthermore, interactions with browser-specific features like bookmarks or extensions fail to produce expected results.
The attackers have implemented multiple detection evasion techniques, including domain rotation, with new phishing domains being registered almost daily.
Silent Push’s analysis revealed a dedicated IP address (77.105.161[.]50) hosting numerous phishing domains with identical HTML structure.
To protect against such attacks, gamers should verify URL authenticity by attempting to edit the address bar, check for HTTPS padlock functionality, and use Steam’s mobile app for QR code authentication rather than entering credentials directly into browser windows.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
The post New Phishing Attack Using Browser-In-The-Browser Technique To Attack Gamers appeared first on Cyber Security News.
