Hackers980 Archivesdiscovered a new way to remotely take control of your computer — all through the Google Chrome web browser.
A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."
At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.
Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.
When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.
The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.
Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.
After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.
The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.
Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.
What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.
As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.
Topics Cybersecurity Google
The Ideal Smartphone for 2017
Amazon reportedly plants fake packages as a trap for drivers
How to clean up the Great Pacific Garbage Patch
What Amazon got right about smart speakers that Facebook won't
Best external hard drive deal:WD 5TB Elements for $114.99
50 very unlikely things we want from the Democratic National Convention
Watch this dad expertly help his kid pretend to be Spider
Over half of all Americans who take selfies dislike them, says survey
9 Tech Products That Were Too Early to Market
Pixel 3 is supposedly available for pre
Optogenetics: A Virtual Reality System for Controlling Living Cells
YouTube just made a major change to its trending page
China blocks Twitch
Ted Cruz's latest dig at Beto O'Rourke might be his vilest yet
NYT Connections Sports Edition hints and answers for February 15: Tips to solve Connections #145
Facebook set to release video chat device Portal
Munich shooter may have used Facebook post to lure victims, police say
Amazon reportedly plants fake packages as a trap for drivers
Amazon Prime members gets 10% off Grubhub orders through Feb. 17
Peter Thiel's speech was a milestone for the gay community, just not the one we wanted
Inside Alice Munro’s Notebooks by Benjamin HedinDoodle Nation: Notes on Distracted Drawing by Polly DicksonSafe camp by Sara GilmoreThe Psychopathology of Everyday Café Life in Freud’s Vienna by Deborah LevyMy Enemies, A–Z by Molly Young“We’re Never Alone” by Tobias WolffDreaming Within the Text: Notebooks on Herman Melville by Christopher BollasCooking Peppermint Chiffon Pie with Flannery O’Connor by Valerie StiversFive Letters from Seamus Heaney by Seamus HeaneyThose That Are Fools: At Clownchella by Rob GoyanesRorschach by Diana Garza IslasLetters from Shirley Hazzard and Donald Keene by Shirley Hazzard and Donald KeeneMaking of a Poem: Maureen N. McLane on "Haptographic Interface" by Maureen N. McLaneAnacondas in the Park by Pedro LemebelMaking of a Poem: Mark Leidner on “Sissy Spacek” by Mark LeidnerMy Enemies, A–Z by Molly YoungBook as Enemy by Adania ShibliAt the Five Hundred Ponies Sale by Alyse BurnsideAnother Life: On Yoko Ono by Cynthia ZarinAt the Five Hundred Ponies Sale by Alyse Burnside Don't install Android 12 beta on your OnePlus phone just yet Why Elon Musk has suddenly fallen out with Bitcoin Google IO 2021: Android phones get Android TV remote functionality Ebay's new adult item ban makes absolutely zero sense Spotify menu suggests HiFi streaming might launch soon Footballer leaves game after scoring two goals to catch the birth of his baby Google IO: Google Photos adds 'Locked Folder' so you can hide photos Beyoncé gave us all an early holiday gift with festive new merch Backstreet Boys' Nick Carter accused of sexual assault by former teen pop star Chrissy Teigen roasted Animal Crossing: Pocket Camp in new tweet storm 3 signs the climate op Twitter may introduce special labels for humor and satire accounts HBO Max plans Harry Potter trivia special for the film anniversary YouTube adds more moderation to YouTube kids to find violent videos How to help people around the world get vaccinated 'Mass Effect: Legendary Edition' is still great and still problematic The FCC has floated rules to kill net neutrality—here's what comes next Google wants to make changing your compromised passwords easier 13 best tweets of the week, including Dame Judi Dench, blackberries, and the Big Purchase Eufy security cameras suddenly start showing live feeds to strangers
3.4671s , 10137.2421875 kb
Copyright © 2025 Powered by 【1980 Archives】,Information Information Network