Hackers have Sheriff, Mary D. Fragonard: Art and Eroticism boucherdiscovered a new way to remotely take control of your computer — all through the Google Chrome web browser.
A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."
At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.
Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.
When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.
The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.
Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.
After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.
The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.
Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.
What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.
As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.
Topics Cybersecurity Google
Celtic vs. Bayern Munich 2025 livestream: Watch Champions League for free
This fan's picture with Matthew Broderick is hilarious
Adele paid tribute to Dolly Parton in the best way possible
Airbnb is providing temporary housing to 20,000 Afghan refugees
Blockchain Explained: How It Works, Who Cares and What Its Future May Hold
IKEA founder Ingvar Kamprad dead at age 91
Donald Trump says he's not a feminist to the surprise of absolutely no one
OnlyFans realizes the whole purpose of the site was explicit content and backtracks
Best AirPods deal: Apple AirPods 4 for $99.99 at Amazon
Aly Raisman has some important demands for Olympic Committee's Nassar investigation
Best MacBook deal: Save $200 on 2024 M3 MacBook Air
Ryan Reynolds is furious at that 'Ted Lasso' snub, demands biscuits
'Ghostbusters: Afterlife' first reactions deem it 'nostalgia done right'
The weird world of anti
Did Elon Musk push former FAA leader out? Trump admin responds after deadly plane crash
'What If...?' showed us a universe where Mark Ruffalo got a Hulk movie
Stormy Daniels denies affair with Trump before 'Jimmy Kimmel Live!' appearance
People are tweeting the creepiest things they've heard kids say and it's a full
Trump who? Tech giants join massive effort to uphold Paris Agreement
How to use iPhone's Bedtime mode
Blizzard's Hearthstone to return to China on September 25 · TechNodeCarina Nebula images from James Webb and Hubble telescopes paint stunning cosmic viewsAstronomy Photographer of the Year 2022 finalists: All the otherworldly photosAustralia vs. Namibia 2024 livestream: Watch T20 World Cup for freeOnePlus Pad 2 debuts with upgraded vibrating tip stylus · TechNodeHow to cancel Tinder GoldScientists spot puzzling, unusually perfect holes on the ocean floorWebb telescope captures vivid Cartwheel Galaxy in new photoJD to sell select highNASA reveals deep space photo from James Webb Space Telescope testNASA identifies strange object its rover found on MarsWordle today: The answer and hints for June 11Temu hits $20 billion sales in H1 fueled by expansion efforts: report · TechNodeScientists spot puzzling, unusually perfect holes on the ocean floorJD to sell select highMediaTek develops ArmApple plans to work with Google’s Gemini, other AI modelsVolcano's giant eruption did something unprecedented, says NASAApple unveils its own Google Magic Eraser tool – Clean Up –at WWDC 2024Apple unveils its own Google Magic Eraser tool – Clean Up –at WWDC 2024 A Laborer Called a Writer: On Leonard Cohen by Carina del Valle Schorske Encounters with Ghosts by Sadie Stein Other People’s Partings by Peter Orner Our Summer Issue Poets Recommend by The Paris Review Yodeling into a Canyon: A Conversation with Nancy Lemann by Sophie Haigney Acte Gratuit by Alice Blackhurst Free Dirt by Angella d'Avignon On Watery Artworks and Writing Deep Emotion, Plain Speech: Camus’s The Plague by Laura Marris Fairy Tale by Darryl Pinckney Basilica by Cynthia Zarin The Ritz of the Bayou: Nancy Lemann’s Shabby Find My Friends by Sophie Haigney A Brighter Kind of Madness: On Leonard Cohen by Ottessa Moshfegh Genres for War: Writers in Ukraine on Literature by Zarina Zabrisky Unconditional Death Is a Good Title by Bernadette Mayer At the Joan Didion Estate Sale by Sophie Haigney Announcing the Winners of 92Y's 2022 Discovery Contest by The Paris Review Helen Garner, Daniel Halpern, and Keith Hollaman Recommend by The Paris Review Diary, 2011 by Andrew Martin
2.7545s , 8287.453125 kb
Copyright © 2025 Powered by 【Sheriff, Mary D. Fragonard: Art and Eroticism boucher】,Feast Information Network