Advertisement
Top
image credit: Pixabay

Attackers Leverage Locally-Loaded Chrome Extension for Data Exfiltration

February 8, 2021

Via: Security Week
Category:

While the use of malicious Chrome extensions in attacks is not something new, this attack stands out from the crowd due to the use of ‘Developer mode’ in the browser to enable loading of a malicious extension locally.

The extension was dropped in a folder on the compromised workstation, while the ‘Developer mode’ was enabled directly from the browser (it is available in More Tools -> Extensions). Any user can leverage this legitimate function by clicking ‘Load unpacked.’

Read More on Security Week

RELATED PUBLICATIONS

Google fixed critical Chrome vulnerability CVE-2024-4058
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!