- A new highjacking attack targets Chrome browsers
- It could steal all your browser data and even from your OS
- There are several ways for users to fight back
Whether you believe it to be the best web browser, Google Chrome is undoubtedly the most popular search engine by a landslide. For that reason, it remains a popular target for hackers as well. And now, a massive new threat is on the horizon, which could threaten billions of users.
A new attack called โBrowser Syncjackingโ has been discovered by security researchers at the cybersecurity firm SquareX (reported on by BleepingComputer). Though it requires several steps, itโs shockingly easy for the average Chrome user to fall victim, as it needs minimal permissions.
First, a malicious Google Workspace domain is created with multiple user profiles, and security features like multi-factor authentication are disabled. This is used to create managed profiles in the background of the victimโs devices. Then, hackers will then create a malicious Chrome extension to launch on the official Chrome Store, appearing as a useful tool to attract potential victims.
Once any potential victims install the extension, it hides a browser window that runs in the background to log the victim into one of the Workspace profiles previously made. The final step involves tricking the victim into activating Chrome sync by opening a very real Chrome support page thatโs been tampered with, then guiding them through turning on sync. If this happens, that personโs full Chrome account and stored data โ including browsing history and passwords โ are now available on the hackerโs profile.
From here, as SquareX explains, a victimโs entire browser can be taken over, often through a seemingly innocent Zoom invite that, if accepted, gets malicious content from that Chrome extension injected into it. If the victim falls for a prompt that asks to update Zoom, the update (actually an executable file that contains an enrollment token) will allow the hacker to control the browser completely.
Not only does this give hackers free reign over any data stored in your browser and allow them to spy on any websites you browse (and see any sensitive information you input), but it also allows them to access your OS to โinstall malware, capture keystrokes, extract sensitive data and even activate a deviceโs webcam and microphone,โ as Tomโs Guide details.
How do you stay safe?
This all sounds overwhelming and even impossible to avoid since the attacks require so little input from users to get the ball rolling. But there are ways to keep your browser safe from harm.
The first is to avoid installing new Google Chrome extensions while limiting the ones you already have. If you really need to install anything new, make sure to research it and its developers for signs of suspicious activity.
Itโs also essential to have the best antivirus software, which will automatically scan your PC or Mac regularly and immediately alert you to suspicious activity. Itโs best to store passwords in the best password managers instead of in the browser, protecting them from hackersโ prying eyes.
There are always new attacks on the horizon, but itโs vital to stay vigilant in your online activity and be careful of extensions and software you download. This will always serve to protect your browser and computer.
Leave a Reply