🧊 Malicious Chrome extensions can spoof password managers in new attack

chushpan

👉 A newly developed “polymorphic” attack allows malicious Chrome extensions to morph into other browser extensions, including password managers, cryptocurrency wallets, and banking apps, to steal sensitive information.

📰 The attack was developed by SquareX Labs, which warns of its practicality and feasibility on the latest version of Chrome. The researchers responsibly reported the attack to Google.

🗞 SquareX's example is an extension posing as an AI marketing tool. It offers the promised functionality, which tricks victims into installing the extension and pinning it to their browser.

📰 To get a list of other installed extensions, the malicious extension abuses the `chrome.management` API, which it was granted access to during installation.

👀 If the malicious extension does not have this permission, SquareX claims that there is a second, more stealthy way to achieve the same thing, involving injecting resources into web pages visited by the victim.

📌 The malicious script attempts to load a specific file or URL unique to each targeted extension; if it loads, it can be concluded that the extension is installed.
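
A defender-side check for the two enumeration paths described above, as an added example that is not part of the original post or SquareX's research: it audits extension manifests for the `management` permission and for web-accessible resources that any page can load at a static URL. The sample manifests are constructed, the function names are hypothetical, and treating broad `matches` without `use_dynamic_url` as "probeable" is a heuristic assumption.

```python
import json
from pathlib import Path

# Match patterns that expose a resource to essentially every site.
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_manifest(manifest):
    """Return findings relevant to the two enumeration paths (hypothetical helper)."""
    findings = []
    declared = manifest.get("permissions", []) + manifest.get("optional_permissions", [])
    if "management" in {p for p in declared if isinstance(p, str)}:
        findings.append("requests 'management': can list other installed extensions")
    for entry in manifest.get("web_accessible_resources", []):
        if isinstance(entry, str):
            # Manifest V2: every listed resource is loadable by any web page.
            findings.append(f"MV2 resource '{entry}' is loadable by any page")
        elif BROAD & set(entry.get("matches", [])) and not entry.get("use_dynamic_url"):
            # Manifest V3: broad matches at a static URL let a page detect the extension.
            findings.append(f"MV3 resources {entry.get('resources', [])} exposed to all sites")
    return findings

def audit_profile(extensions_dir):
    """Audit each <id>/<version>/manifest.json under a profile's Extensions directory."""
    report = {}
    for path in Path(extensions_dir).glob("*/*/manifest.json"):
        try:
            findings = audit_manifest(json.loads(path.read_text(encoding="utf-8-sig")))
        except (OSError, ValueError):
            findings = ["manifest unreadable"]
        if findings:
            report[path.parent.parent.name] = findings
    return report

# Constructed sample manifests (not taken from any real extension).
SAMPLE_TOOL = {"manifest_version": 3, "name": "AI marketing helper",
               "permissions": ["management", "storage"]}
SAMPLE_VAULT = {"manifest_version": 3, "name": "Example vault",
                "web_accessible_resources": [
                    {"resources": ["img/logo.png"], "matches": ["<all_urls>"]}]}
SAMPLE_HARDENED = {"manifest_version": 3, "name": "Example vault (hardened)",
                   "web_accessible_resources": [
                       {"resources": ["img/logo.png"], "matches": ["<all_urls>"],
                        "use_dynamic_url": True}]}

if __name__ == "__main__":
    for m in (SAMPLE_TOOL, SAMPLE_VAULT, SAMPLE_HARDENED):
        print(m["name"], "->", audit_manifest(m) or "no findings")
```

Pointing `audit_profile` at a Chrome profile's `Extensions` directory returns findings keyed by extension ID, which gives a review list of extensions holding `management` and of extensions that are detectable from ordinary web pages.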
 