u/Safe-Lie5394
Hey everyone, just a massive heads-up if you are trying to buy anything from Cosmic Byte right now. Their website (thecosmicbyte.com) appears to have been compromised, and they are currently hosting a highly sophisticated 'Browser in the Browser' phishing attack designed to steal your Google credentials.
Here is exactly how I stumbled onto it and how the scam works:
How to test it (Please don't actually enter your password):
- I started on the Cosmic Byte home page.
- I clicked the account icon in the top right to log in.
- On the login page, I clicked the "Continue with Google" button.
- Instead of opening a genuine, secure Google pop-up, it generated a fake window inside the webpage itself.
At first glance, it looks identical to a real Google sign-in prompt, complete with a fake address bar showing accounts.google.com and a padlock icon. But a few things gave it away. The title bar of the pop-up was in Russian; then, when I clicked the fake "padlock" to check the certificate, the security dropdown that appeared was also entirely in Russian, and I couldn't drag the pop-up outside the bounds of the main browser window.
I tested it by entering a totally fake password (fuckyoulmaodead), and it said "wrong password" with very poor CSS lol.
I opened up F12 to see what was actually running. The thing was full of warnings showing that the Cosmic Byte website was actively making third-party requests and sending data to a completely different, random domain: itu-ramusgrandst.online/youtube/password/.
I even navigated directly to that URL, and it's also a poorly coded, full-page fake Google login screen.
[ALSO the site loaded very slowly on each page, which was also not normal]
TL;DR: Cosmic Byte has malicious JavaScript injected into their login flow. If you use "Sign in with Google," it creates a fake pop-up that sends your password straight to a scammer's server. Do not log into their site right now, and if you recently did, change your Google password immediately and enable 2FA.
I've already sent an email to their support team with the console logs, but wanted to warn everyone here in the meantime. Stay safe!
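
Added example, not part of the original post: a small triage function that scans requests captured from a login page (for instance, exported from the F12 Network tab) and flags off-site requests that look like they carry credentials, which is the pattern described above. The request shape, the allowlist, the site paths, and the sample traffic are constructed assumptions; only the two domains and the `/youtube/password/` path come from the post.

```javascript
// Flag off-site requests from a login page that carry credential-like data.
// Input shape {method, url, postData} is an assumption modelled on HAR request entries.
const CRED_FIELD = /(^|&)(pass(word|wd)?|pwd|email|identifier)=/i;
const CRED_PATH = /(password|passwd|signin|login)/i;

// True when host equals base or is a subdomain of it (suffix match on a label boundary).
function sameSite(host, base) {
  return host === base || host.endsWith("." + base);
}

function findCredentialExfil(pageUrl, requests, allowedHosts) {
  const pageHost = new URL(pageUrl).hostname.replace(/^www\./, "");
  const findings = [];
  for (const req of requests) {
    let target;
    try {
      target = new URL(req.url);
    } catch {
      continue; // skip malformed entries rather than abort the scan
    }
    const host = target.hostname;
    if (sameSite(host, pageHost)) continue; // first-party traffic
    if (allowedHosts.some((a) => sameSite(host, a))) continue; // expected identity provider
    const reasons = [];
    if (req.method === "POST" && CRED_FIELD.test(req.postData || "")) {
      reasons.push("credential field in POST body");
    }
    if (CRED_PATH.test(target.pathname)) reasons.push("credential keyword in path");
    if (reasons.length > 0) findings.push({ host, url: req.url, reasons });
  }
  return findings;
}

// Constructed sample traffic; paths on thecosmicbyte.com and cdn.example.net are made up.
const SAMPLE_PAGE = "https://thecosmicbyte.com/account/login";
const SAMPLE_ALLOWED = ["google.com", "gstatic.com"];
const SAMPLE_REQUESTS = [
  { method: "GET", url: "https://thecosmicbyte.com/assets/theme.css" },
  { method: "GET", url: "https://accounts.google.com/o/oauth2/v2/auth?client_id=PLACEHOLDER" },
  { method: "GET", url: "https://cdn.example.net/lib.js" },
  { method: "POST", url: "https://itu-ramusgrandst.online/youtube/password/",
    postData: "email=user%40example.com&password=not-a-real-password" },
];

console.log(findCredentialExfil(SAMPLE_PAGE, SAMPLE_REQUESTS, SAMPLE_ALLOWED));
```

A genuine "Continue with Google" flow sends the password only to Google's own origin in a separate browser window, so any finding here on a login page warrants a closer look.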