![]() ![]() One curb would be to monitor and block extensions' access to passwords and other sensitive data, unless a user has granted explicit permission. Marinho said Google should consider placing new limits on Chrome extensions to limit the damage malicious ones can do. The background noise is very similar to a real call center - although it could be real one." "They ask for a specific person name (previously collected on a social network) and try to convince the target to install a new version of security module. "It's impressive how convincing they are," Marinho said of the callers after listening to a tape of one of the calls. With that, the attackers have the credentials required to log in. The caller then walks them through a test access to the account by logging in. When the employees click through a link provided by the caller, they are redirected to the extension hosted by Google. The employees receive a phone call from someone who warns that they will lose access to their online bank account unless they install a security module. Interface Online is being used in highly targeted attacks that single out employees who are in charge of their companies' finances. "It's different to have a suspect open an e-mail attachment, for example." Using the Chrome Web Store "helps criminals to entice victims' trust as the extension is available on an official app store" Advertisement "Having the malware hosted on Google's Chrome store maximizes criminals' chances trust on the software," Marinho told Ars. Since then, the number of extension accounts known to have been taken over has grown to eight. Two weeks ago, Ars reported the hijacking of two separate Extension developer accounts, one for the Web Developer extension that has 1 million downloads. Shortly after Google removed iCalc Malwarebytes found a separate malicious Chrome extension connected to the same attack group. It also periodically checked with the server to receive newly issued commands or updates. Last year, researchers from security firm Malwarebytes reported finding an extension called iCalc that routed all of a user's browser traffic through an attacker-controlled server. Maximizing criminals’ chancesįurther Reading After phishing attacks, Chrome extensions push adware to millionsIt's not the first time Google has been caught hosting malicious extensions. On late Wednesday afternoon, a Google spokesman e-mailed to say the extension was finally removed. It remained available for download here for several hours after this post went live, although Marinho said he reported the reposted app to Google. On Wednesday, the same extension reappeared and showed it had already received 23 downloads. It had been available since July 31 and was downloaded 30 times. Google officials removed the extension on Tuesday, after Renato Marinho, who is the Chief Research Officer of Morphus Labs and a volunteer at the SANS Institute, reported it was part of a scam hitting Brazilian bank customers. This entry in the Google-owned Virus Total service reports the extension was not detected by any of the 58 most widely used anti-malware products at the time this post was going live. The extension then uploads them to a server controlled by the attackers. When users visit specific pages programmed into the code, the extension activates a JavaScript routine that logs the user name and password entered into the form. Once installed, the Interface Online extension, uploaded at least twice in the past 17 days, surreptitiously monitors all connections made with the Chrome browser. The Established Publisher badge showcases publishers who have verified their identity and demonstrated compliance with the developer program policies.A researcher has uncovered an elaborate bank-fraud scam that's using a malicious extension in Google's Chrome Web Store to steal targets' passwords. The Google Chrome Web Store teamĪ recent post on Google’s Keyword details each badge, what they mean, and how to earn each one. Both of these badges will appear in the store in the next few weeks.ĭevelopers who earn these badges may receive higher rankings in search and filtering, and may also see their extensions appear in special promotions both on and off Chrome Web Store. Today, we’re happy to announce two new extension badges to help us deliver on that goal: the Featured badge and the Established publisher badge. The Chrome Web Store aims to make it easy for users to find top quality extensions while recognizing the developers who create them. Since 2009, developers have been hard at work building extensions that make Chrome more powerful, useful, and personalized for users. ![]()
0 Comments
Leave a Reply. |