Hackers have Tagsdiscovered a new way to remotely take control of your computer — all through the Google Chrome web browser.
A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."
At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.
Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.
When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.
The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.
Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.
After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.
The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.
Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.
What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.
As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.
Topics Cybersecurity Google
Watch Chappell Roan's Grammy acceptance speech demanding healthcare for artists
A security researcher just revealed a huge Myspace security flaw. (And yes you should care.)
Dunkirk review roundup, Harry Styles edition
Nobody uses emoji better than Cher uses emoji
Wordle today: The answer and hints for January 28, 2025
Google is bringing back its blob emoji — in Allo
The 'Game of Thrones' Season 7 premiere was surprisingly hilarious
The huge, hidden clue in the 'Game of Thrones' Season 7 premiere you probably missed
Trump who? Tech giants join massive effort to uphold Paris Agreement
The Empire State Building will light up 'emoji yellow' for World Emoji Day
Super Bowl LIX livestream: Watch Eagles vs Chiefs on Tubi
This iPhone photo has made it onto billboards across the world
Sorry, casual fans, but Captain Spip of the 'Biowhale Deep Space' series is NOT a woman
Remotely hacking ships shouldn't be this easy, and yet it really is.
SpaceX is so close to turning its rocket headquarters into an actual city
Snapchat's letting you snag Spectacles on Amazon now
Netflix now has 100 million subscribers
Samsung's Galaxy Note 7s will be scrapped for parts and rare metals
Sri Lanka vs. Australia 2025 livestream: Watch 1st ODI for free
Facebook is dangerous for Democracy—here's why
NYT's The Mini crossword answers for January 28Love Songs: “I’m Your Man” by Laurie StoneHow to watch Purdue, Rutgers basketball without cable: Game time, streaming dealsHow to watch Illinois vs. IU basketball without cable: Game time, streaming deals, and moreLove Songs: “Aguacero” by Carina del Valle SchorskeHow to watch NC State vs. Syracuse basketball without cable: Game time, streaming deals, and moreClimate activists protested Rex Tillerson’s nomination in T. Rex costumesLove Songs: “I Want to Be Your Man” by Elena Saavedra BuckleyA Room with History by Saidiya HartmanIntuition’s Ear: On Kira Muratova by Timmy StrawGaddis/Markson: Two Letters by William Gaddis and David MarksonLovers sale: 30% off sex toys plus a free Womanizer vibratorThe Written World and the Unwritten World by Italo CalvinoThe Blk Mind Is a Continuous Mind by Tracy K. SmithAll Water Has a Perfect Memory by Jordan AmirkhaniObama says clean energy's momentum is 'irreversible,' even under TrumpHow to factory reset a MacBookCooking with Florine Stettheimer by Valerie StiversArt Out of Time: Three Reviews by The Paris ReviewThe Smoker by Ottessa Moshfegh Tesla wants customers to pay a $200 monthly fee for Full Self Facebook's response to Biden's COVID misinfo criticism is a big miss Trump kicked off 2018 with a Twitter rampage because nothing changes Study shows Trump 'Loki' will be back for more mischief in Season 2 Blue Ivy makes her acting debut in the music video for Jay NASA has good news about the Hubble Space Telescope Chrissy Teigen ends 2017 with a Pizzagate smackdown 11 best tweets of the week, including Olivia Rodrigo, Wade Boggs, and 'Boss Baby' 'Community' head Dan Harmon says he mistreated female writer 15 timeless tweets to celebrate Twitter's 15th anniversary Highly thoughtful grandma doesn't quite understand how Uber works Joe Biden says Facebook is 'killing people' with COVID misinformation How to connect Alexa to a Bluetooth speaker Death and Donald Trump lead Wikipedia's top searches of 2017 To see 'Hamilton' for free, head to ... PornHub Chrissy Teigen is obsessed with WrestleMania and we just fell in love all over again Paris Hilton rings in 2018 with the most Paris Hilton tweet imaginable It's time to stop freaking out about space billionaires Witness Spike Lee's Cannes gaffe as he reveals the top winner early
1.951s , 10135.6328125 kb
Copyright © 2025 Powered by 【Tags】,Unobstructed Information Network