“Another way to save subtlety without taking action is to use the UIA caching mechanism,” the researcher said. “In addition to the UI elements currently displayed on the screen that we can interact with, many elements are preloaded and cached. We can also interact with those features, like reading messages that can’t be displayed on the screen, or even setting up a text box and sending messages without it being visible on the screen.”
This, of course, applies to other applications as well. For example, in the context of an online shopping website opened in a browser, an attacker can use UIA to detect when a user enters credit card information and extract that data.
Or they can interact with the address bar to redirect the user to a malicious version of the website they’re currently open. Since the user already expects to be on the website, they may not even notice the address change. For example, if a website refreshes and asks them to sign in, they may think their session has expired and they need to re-authenticate. This happens frequently on other websites, including email services, and may not be suspicious.
Source link