Set as Homepage - Add to Favorites

【erotice افلام محارم】

Source:Unobstructed Information Network Editor:Tech Time:2025-06-27 00:40:51

Hackers have erotice افلام محارمdiscovered a new way to remotely take control of your computer — all through the Google Chrome web browser.

A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."

Chrome profile takeover

At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.

Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.

When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Chrome browser takeover

The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.

Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.

After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.

Device takeover

The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.

Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.

What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.

As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.

Featured Video For You
DeepSeek's privacy policy isn't so private

Topics Cybersecurity Google

Previous:Watch Chappell Roan's Grammy acceptance speech demanding healthcare for artists

Next:NYT Connections hints and answers for February 1: Tips to solve 'Connections' #601.

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

Best Lego Star Wars Day deals: Save on multiple Lego Star Wars Day kitsTop Twitch streamers: See the list.This weird planet sports a giant tail like a cometTikTok creator Ayamé's key to success? Being 'hot and on the right side of history'Nintendo Switch 2 preorder stock April 25: See the retailers accepting ordersTikTok creator Ayamé's key to success? Being 'hot and on the right side of history'Best Lego deal: Save $12 on LEGO Botanicals Artificial Wildflower BouquetGetafe vs. Real Madrid 2025 livestream: Watch La Liga for freeBest laptop deal: Save over $100 on the ASUS Vivobook S 14NFL Draft 2025: Mock simulator, expert opinions, and who to followHow to watch 'Babygirl' at home: Streaming detailsGoogle Chrome drops thirdBest Fire Max 11 deal: Save $45 at AmazonBest Sony deal: Save $51.99 on WHBest Lego deal: Save $12 on LEGO Botanicals Artificial Wildflower BouquetCharacter AI reveals AvatarFX, a new AI video generatorNetflix is introducing a new type of subtitlesBest robot vacuum deal: Save $120 on the iRobot Roomba Q0120Google Chrome drops thirdTop 10 most Rapper tears into NME on Twitter after they put him on cover without permission Chelsea Clinton is writing a children's book, and its title is just perfect George Orwell's '1984' became too real this decade These are the Babu Frik tweets you're looking for 5 ways your kid can video chat with Santa Have a Tesla over Does YouTube radicalize users? This study says not —but it's deeply flawed. Australia's 1.2 Reminder: Lena Dunham doesn’t give ‘the tiniest of shits’ what you think about her body The best reactions to that rogue McDonald's Trump tweet Why Apple, Google, and other big tech companies create their own fonts 'You' Season 2 finale: What the hell just happened? 'John Mulaney and the Sack Lunch Bunch' review: A true Netflix gem Hire care enjoys the wet sand between its tires after being swept up by tide iPhone photography is about to help these adorable animals get adopted SNL Christmas and Hanukkah songs that'll get you through the holidays Cool blue phone cases inspired by Pantone's color of the year Delightful French supermarket ad gives us a love story for the ages Headphones designed to save your life from reckless drivers 10 'Saturday Night Live' sketches that made us scream in 2019

1.6834s , 10195.21875 kb

Copyright © 2025 Powered by 【erotice افلام محارم】,Unobstructed Information Network  

Sitemap

Top

Quick Links