The Latest in IT Security

Attackers Leverage Locally-Loaded Chrome Extension for Data Exfiltration

08
Feb
2021
Attackers Leverage Locally-Loaded Chrome Extension for Data Exfiltration

image credit: pixabay

While the use of malicious Chrome extensions in attacks is not something new, this attack stands out from the crowd due to the use of ‘Developer mode’ in the browser to enable loading of a malicious extension locally.

The extension was dropped in a folder on the compromised workstation, while the ‘Developer mode’ was enabled directly from the browser (it is available in More Tools -> Extensions). Any user can leverage this legitimate function by clicking ‘Load unpacked.’

Related posts:
  1. Google Patches 8 Vulnerabilities in Chrome 77
  2. 4 best practices to avoid vulnerabilities in open-source code
  3. Google Chrome Bugs Open Browsers to Attack
  4. Microsoft’s Zerologon vulnerability fix: What admins need to know
  5. 5 top vulnerability management tools and how they help prioritize threats

Read More

Tags:  
Written by Feedproxy
0 Comments
Comments are closed.

Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments