Croatian security researcher Bojan Zdrnja discovered a malicious Google Chrome extension that can communicate with a remote command and control (C&C)
A cybersecurity research team has found a malicious extension in the Google Chrome browser in the wild abusing the Google Chrome Sync process that may help hackers steal consumer information.

Hackers can make use of the Chrome sync feature to ship commands to infected internet browsers and steal information from infected programs, bypassing traditional firewalls and other network defenses to steal data.

Croatian security researcher Bojan Zdrnja discovered a malicious Google Chrome extension that can communicate with a remote command and control (C&C) server and as a technique to exfiltrate information from infected browsers, reports ZDNet.

Chrome sync is a characteristic of the Google Chrome web browser that stores copies of a user's browsing history, Chrome bookmarks, passwords, and browser settings on Google's cloud servers.

In line with Zdrnja, the objective was to use the malicious extension to "manipulate data in an internal web application that the victim had access to." "While they also wanted to extend their access, they actually limited activities on this workstation to these related to internet applications, which explains why they dropped only the malicious Chrome extension, and not any other binaries," Zdrnja stated in the report.

The idea for this attack was malicious extensions in Chrome that the attacker dropped on the compromised system.

"Now, malicious extensions are nothing new, there were a number of analyses about such extensions and Google continuously removes dozens of them from Chrome Web Store, which is the place to go to in order to download and install extensions," the security researcher mentioned.
Axact

AndroBliz

Welcome to AndroBliz, the apprise in technology. While we serve you with daily pizza in terms of updates, do hook up with us on our social media platforms below.

Post A Comment:

0 comments: