Over a Dozen Chrome Extensions Caught Hijacking Google Search Results for Millions
New details have emerged about a vast network of rogue extensions for Chrome and Edge browsers that were found to hijack clicks to links in search results pages to arbitrary URLs, including phishing sites and ads.
Collectively called CacheFlow by Avast, the 28 extensions in question including Video Downloader for Facebook, Vimeo Video Downloader, Instagram Story Downloader, VK Unblock made use of a sneaky trick to mask its true purpose: Leverage Cache-Control HTTP header as a covert channel to retrieve commands from an attacker-controlled server.
All the backdoored browser add-ons have been taken down by Google and Microsoft as of December 18, 2020, to prevent more users from downloading them from the official stores.
Lottery scam reported in Wyo greenriverstar.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from greenriverstar.com Daily Mail and Mail on Sunday newspapers.
And SS7 telco hack rears its ugly head yet again Share
Copy
In brief In an 8-K filing to the US Securities and Exchange Commission, SolarWinds has given more details on exactly how it learned its servers were spewing out malware.
The notice [PDF] says that FireEye notified the network management biz s CEO (who had only been on the job for three days) of a serious security issue on 12 December. But by then the SUNBURST malware had already spread to around 18,000 customers. The vulnerability has only been identified in updates to the Orion Platform products delivered between March and June 2020, but our investigations are still ongoing, the filing said.
Beware! Malware hidden in Chrome, Edge extensions hits 30 lakh people IANS
New Delhi: Threat Intelligence researchers from cybersecurity firm Avast have identified malware hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions that may have affected 30 lakh users worldwide.
The Chrome and Edge extensions are associated with some of the world’s most popular platforms like Instagram, Facebook and Google Chrome.
The malware has the functionality to redirect user’s traffic to ads or phishing sites and to steal people’s personal data, such as birth dates, email addresses, and active devices.
According to the app stores’ download numbers, around 30 lakh people may be affected worldwide.
Malware redirects user s traffic to ads or phishing sites.
It steal people s personal data.
New Delhi: Threat Intelligence researchers from cybersecurity firm Avast have identified malware hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions that may have affected 30 lakh users worldwide.
The Chrome and Edge extensions are associated with some of the world s most popular platforms like Instagram, Facebook and Google Chrome.
The malware has the functionality to redirect user s traffic to ads or phishing sites and to steal people s personal data, such as birth dates, email addresses, and active devices.
According to the app stores download numbers, around 30 lakh people may be affected worldwide.