Hackers have The Liar (2014)discovered a new way to remotely take control of your computer — all through the Google Chrome web browser.
A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."
At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.
Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.
When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.
The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.
Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.
After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.
The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.
Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.
What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.
As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.
Topics Cybersecurity Google
Then and Now: 5 Generations of GeForce Graphics Compared
Crypto exchange Binance now lets you buy coins with a credit card
Usain Bolt tied the NFL's 40
First grader makes astute observation upon meeting Donald Trump
9 Tech Products That Were Too Early to Market
What would make you trust an AI assistant? How about a face?
What would make you trust an AI assistant? How about a face?
Samsung Galaxy S10 will probably be very, very expensive
Optogenetics: A Virtual Reality System for Controlling Living Cells
Why Chrissy Teigen made her Twitter account private
Super Bowl LIX livestream: Watch Eagles vs Chiefs on Tubi
Apple's 2020 iPhone will have a more powerful 3D camera, report says
Pregnant dog delays Moscow metro train by giving birth
Hillary Clinton weighs in on the Kim Kardashian robbery
Greenpeace activists charged after unfurling 'Resist' banner at Trump Tower in Chicago
Yo quiero this Taco Bell Airbnb
Tesla Model Y is on the way
Super Bowl LIII will feature male cheerleaders for the very first time
Then and Now: 5 Generations of GeForce Graphics Compared
Fake news sites are simply changing their domain name to get around Facebook fact
'Quordle' today: See each 'Quordle' answer and hints for September 25, 2023Football fans react to Taylor Swift and Travis KelceThe Enlightenment Is Like a Centaur—and We Must Kill It!Dan Bongino has been permanently banned from YouTubeOn Substack, COVID misinformation is allowed to flourishOn Taylor Swift’s PassiveWordle today: Here's the answer and hints for September 24“Defenestration of Prague,” a Poem by Susan HoweWordle today: Here's the answer and hints for September 24On Substack, COVID misinformation is allowed to flourishSnack is a dating app for the TikTok generationVideo and audio calls on X, formerly Twitter, will be for paying subscribers onlyDid the Erie Canal Change Our Vowel Sounds?Spotify's new Jam feature will let you listen to shared playlists in real timeHow the WPA Posters Changed Graphic DesignPrequel app turns your photos into hot cartoons3 iPhone 15 features Samsung Galaxy S24 will steal, according to rumorsDid the Erie Canal Change Our Vowel Sounds?At Auction: A Rare Edition of Ulysses Illustrated by MatisseSouvenirs of a Life: Collages by John Ashbery & Guy Maddin Verizon's 'Embeds' takes you on the political campaign trail Ben and Jerry's bourbon ice cream seems like a dream, but it's real Celebrities are pouring money into the ACLU after Trump's immigration ban How to use iMessage special effects on your iPhone Iranian Oscar nominee barred from ceremony by Trump's Muslim ban New York City's bridges could be monitored with facial recognition Apple, Uber, Netflix, Twitter join corporate rebuke of Trump immigration policy Justin Trudeau takes on Trump with a perfectly timed photo Disney's Boba Fett just pulled off the slickest move of all time Feds secretly forced Twitter to disclose a user's identity — twice Apple files a patent for a vaporizer, yep, a vaporizer A 'pussyhat' lands a spot on the cover of 'TIME' and 'The New Yorker' Airbnb offers free housing to those affected by Muslim travel ban 'Counter This is why you should never, ever drink 'tea' you find lying around Ed Sheeran's tweet about his new GQ cover is classic Ed Sheeran You can wash this smartphone with water and soap Melania Trump's 'Vanity Fair' cover is causing a ton of controversy in Mexico Starbucks' mobile orders are too popular for their own good Shyamalan's 'Split' is still #1 at the box office
3.0623s , 10137.28125 kb
Copyright © 2025 Powered by 【The Liar (2014)】,Feast Information Network