WELCOME TO EHOST.COM.NP

Thursday, August 17, 2017

8 More Chrome Extensions Hijacked to Target 4.8 Million Users

           Add Comments   

ads space

Google’s Chrome web browser Extensions are under attack with a series of developers being hacked within last one month.

Almost two weeks ago, we reported how unknown attackers managed to compromise the Chrome Web Store account of a developer team and hijacked Copyfish extension, and then modified it to distribute spam correspondence to users.

Just two days after that incident, some unknown attackers then hijacked another popular extensionWeb Developer‘ and then updated it to directly inject advertisements into the web browser of over its 1 million users.

After Chris Pederick, the creator of ‘Web Developer’ Chrome extension that offers various web development tools to its users, reported to Proofpoint that his extension had been compromised, the security vendor analysed the issue and found further add-ons in the Chrome Store that had also been altered.

According to the latest report published by the researchers at Proofpoint on Monday, the expanded list of compromised Chrome Extensions are as below:

  • Chrometana (1.1.3)
  • Infinity New Tab (3.12.3)
  • CopyFish (2.8.5)
  • Web Paint (1.2.1)
  • Social Fixer (20.1.1)

Proofpoint researcher Kafeine also believes Chrome extensions TouchVPN and Betternet VPN were also compromised in the same way at the end of June.

In all the above cases, some unknown attackers first gained access to the developers’ Google web accounts by sending out phishing emails with malicious links to steal account credentials.

Once the attackers gained access to the accounts, either they hijacked their respective extensions and then modified them to perform malicious tasks, or they add malicious Javascript code to them in an attempt to hijack traffic and expose users to fake ads and password theft in order to generate revenue.

In the case of the Copyfish extension, the attackers even moved the whole extension to one of its developers’ accounts, preventing the software company from removing the infected extension from the Chrome store, even after being spotted compromised behaviour of the extension.

“Threat actors continue to look for new ways to drive traffic to affiliate programs and effectively surface malicious advertisements to users,” researchers concluded. “In the cases described here, they are leveraging compromised Chrome extensions to hijack traffic and substitute advertisements on victims’ browsers.” 

“Once they obtain developer credentials through emailed phishing campaigns, they can publish malicious versions of legitimate extensions.”

At this time, it is unclear who is behind the hijackings of Chrome Web extensions.

The best way to protect yourself from such attacks is always to be suspicious of uninvited documents sent over a phishing email and never click on links inside those documents unless verifying the source.

Source link

ads space

 

ADS SPACE

0 comments:

Post a Comment

Categories

Article How-to All Posts WordPress Android Web design Blogger Plugins CSS Google JQuery Plugins Programming Reviews Web Hosting Blogger Blogging Blogging Tips Tricks Web Development Facebook Git Internet Make Money Online Social Plugins Tips Tips and Tricks Tools Tutorials Windows WordPress Plugins Blogging Tips and Tricks Freebies GSM Google Analytics HTML How To's JavaScript Plugin Development S.E.O SEO SMS SmartPhone Social Media Tips amp; Tricks Top-Most Updates Webmaster Tools Whatsapp Applications Apps Blogger Basics Documentary Downloads Entertainment Gadgets Games Gmail Google AdSense Guest Post IPhone Make Money Blogging SVN Security Softwares Web Hosting Tips and Tricks Wordpress Tips Wordpress Tips and Tricks hostgator iOS Advertising Networks Advertising Technology Affiliates Antivirus Audience amp; Traffic Biography Blog post Blog post Blogger Blogger Errors Blogger Tips Blogger Tools Blogger Widget Blogosphere Bogger Widgets CSS selectors CSS symbols CSS3 Computer amp; Internet Content Writing Coupon Codes Data amp; Analytics Deleted blog Design DoubleClick for Publishers Email and newsletter marketting Email marketing Excel Tips Excel Tips and Tricks Facebook Tricks Feed Feedburner Feedburner subscribers Font Fun GitHub Giveaways Gmail primary inbox Gmail tabs Google sign-in Guides HTML amp; CSS HTML5 Infographics Inspirational Instagram Internet Marketing Internet Tips amp; Tricks Job Listings Knowledge Life Hacks Lists Make-Money Monetization amp; Conversion Monetize Navigation Online Marketing Other PHP Tutorials Passport Publishing amp; Content Quotes RSS Sidebar Smartphones Social Networking Status Tech Tech Blog Technology Telegram Themes UI / UX User Psychology amp; Research VB.Net Web Tools Web browser Widget Windows Tips Windows-10 ad viewability admin notice blogging tools bluehost cherry-pick clone cors custom scrollbar customizer dismissible notices duplicate post feed title git branch git clone gpg gpg2 hybridauth iPad icon font notice responsive wordpress theme same origin policy scrollbar signed git commit smartsvn theme customizer vcs wordpress theme wordpress themes

Blog Archive

Contact Form

Name

Email *

Message *

Copyright © Sync Media