top of page
Search
Writer's pictureStormsec

Threat in your browser: what dangers innocent-looking extensions hold for users

Malicious and unwanted add-ons are often distributed through official marketplaces. In 2020, Google removed 106 browser extensions from its Chrome Web Store. All of them were used to siphon off sensitive user data, such as cookies and passwords, and even take screenshots; in total, these malicious extensions were downloaded 32 million times. Victims of these attacks were not only individuals, but also businesses. Overall, more than 100 networks were abused, giving threat actors a foothold on financial service firms, oil and gas companies, the healthcare and pharmaceutical industries, government and other organizations. Another malicious Google Chrome extension that was available for download even in the official store could recognize and steal payment card details entered in web forms. Google deleted it from the Chrome Web Store, but the malware had already infected more than 400 Chrome users, putting their data at huge risk.





MALWARE FAMILIES: DealPly, AddScript, FB Stealer


ATT&CK IDS: T1176 - Browser Extensions, T1113 - Screen Capture, T1566 - Phishing


Read More:

2 views

Comments


Commenting has been turned off.
bottom of page