Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / New
Stats: 3,193,948 members, 7,952,822 topics. Date: Thursday, 19 September 2024 at 04:26 AM

Google Chrome Under Attack: DELETE These Extensions IF You Have Them On Chrome - Computers - Nairaland

Nairaland Forum / Science/Technology / Computers / Google Chrome Under Attack: DELETE These Extensions IF You Have Them On Chrome (1137 Views)

Privacy Concern? You Can Surf/browse Privately On Chrome. / Incognito Mode On Google Chrome Doesn't Stop Ur Boss Seeing What You’re Browsing / 10 Hidden Features In Google Chrome You Didn't Know About (2) (3) (4)

(1) (Reply) (Go Down)

Google Chrome Under Attack: DELETE These Extensions IF You Have Them On Chrome by callydon(m): 10:27am On Aug 17, 2017
Attackers have been phishing developers as a way of compromising Chrome extensions into spreading affiliate program ads that scare victims into paying for PC repairs.

Proofpoint researcher Kafeine has identified six compromised Chrome extensions that have been recently modified by an attacker after phishing a developer's Google Account credentials.


Web Developer 0.4.9, Chrometana 1.1.3, Infinity New Tab 3.12.3, CopyFish 2.8.5, Web Paint 1.2.1, and Social Fixer 20.1.1 were compromised in late July and early August. Kafeine believes TouchVPN and Betternet VPN were also comprised in late June with the same technique.

The main intent of the attack on Chrome extension developers is to divert Chrome users to affiliate programs and switch out legitimate ads with malicious ones, ultimately to generate money for the attacker through referrals.

The attackers have also been gathering credentials of users of CloudFlare, an availability service for website operators, which probably could be used in future attacks.

The hijacked extensions were coded mostly to substitute banner ads on adult websites, but also a range of other sites, and to steal traffic from legitimate ad networks.

"In many cases, victims were presented with fake JavaScript alerts prompting them to repair their PC, then redirecting them to affiliate programs from which the threat actors could profit," notes Kafeine.

At least one of the affiliate programs receiving the hijacked traffic promoted PCKeeper, a Windows-focused tool originally from ZeobitLLC, the maker of the MacKeeper security product that was the subject of a class action suit a few years ago over false security claims

A snippet of JavaScript in the compromised extensions also downloaded a file that was served by Cloudflare containing code with a script designed to collect Cloudflare user credentials after login. Cloudflare stopped serving the file after it was alerted to the issue by Proofpoint.

The phishing emails that compromised developers' Google Accounts purported to come from Google's Chrome Web Store team, which claimed the developer's extension didn't comply with its policies and would be removed unless the issue was fixed.

As Bleeping Computer recently reported, Google's security team has sent an email warning to Chrome extension developers to be on the lookout for phishing attacks. The attackers had created a convincing copy of Google's real account login page.

It's not the first time Chrome extensions have been targeted to spread adware and promote affiliate networks. In 2014, adware firms bought several popular Chrome extensions from legitimate developers, which up to that point had maintained trustworthy products.

Source: http://www.fullgist.com.ng/2017/08/google-chrome-under-attack-delete-these.html

Re: Google Chrome Under Attack: DELETE These Extensions IF You Have Them On Chrome by jakD: 10:30am On Aug 17, 2017
Sorry chrome.
Re: Google Chrome Under Attack: DELETE These Extensions IF You Have Them On Chrome by MrPdtech: 10:32am On Aug 17, 2017
Re: Google Chrome Under Attack: DELETE These Extensions IF You Have Them On Chrome by Fiscabally(m): 10:34am On Aug 17, 2017
noted
Re: Google Chrome Under Attack: DELETE These Extensions IF You Have Them On Chrome by youngreva(m): 10:35am On Aug 17, 2017
i don't even understand all of that...can anyone be so kind to explain in detail

1 Like

(1) (Reply)

Kindly Help / Fixing Any Hard Drive Issues And Recovery Of Data Of Raw Or Dead Drives / ✈✳✅SOLD ❌❌❌2016 Edition 15.6inch Convertible Touchscreen Keyboard Light Lenovo

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 12
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.