Croatian information security specialist Bojan Zdrnja discovered that Google Chrome’s built-in sync function could be used by malicious extensions to steal passwords and other personal data from users’ devices.<\/p>\n
According to a resource, an unnamed malicious extension uses the Chrome Sync function to communicate with a remote server of the attackers.\u00a0During this process, they can obtain passwords and other data.\u00a0This function is needed to synchronize data between users’ devices: passwords, bookmarks, browsing history, browser settings and extensions.\u00a0All this is stored in the cloud on Google servers.<\/p>\n
The malware was hiding under the Forcepoint security extension, allowing an attacker to control the infected browser.\u00a0The code contained in it created a special text field to store the token keys that were synchronized with the Google cloud.\u00a0There could be different data, including passwords.<\/p>\n
\u201cTo download, read or delete these keys, the attacker only had to log in with the same Google account, but in a different Chrome browser (it could be a one-time account).\u00a0After that, he could interact with the Chrome browser on the victim’s network, abusing Google’s infrastructure, \u201dwrote Bojan Zdrnja on the Internet Storm Center forum.<\/p><\/blockquote>\n
The expert advises using corporate Chrome features and group policies to control the work of installed extensions and, if necessary, block them.<\/p>\n","protected":false},"excerpt":{"rendered":"
Croatian information security specialist Bojan Zdrnja discovered that Google Chrome’s built-in sync function could be used by malicious extensions to steal passwords and other personal data from users’ devices. According to a resource, an unnamed malicious extension uses the Chrome Sync function to communicate with a remote server of the attackers.\u00a0During this process, they can […] More<\/a><\/p>\n","protected":false},"author":10237,"featured_media":120553,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[805],"tags":[779],"class_list":{"0":"post-120552","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technology","8":"tag-news"},"acf":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/posts\/120552","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/users\/10237"}],"replies":[{"embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/comments?post=120552"}],"version-history":[{"count":0,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/posts\/120552\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/media\/120553"}],"wp:attachment":[{"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/media?parent=120552"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/categories?post=120552"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/tags?post=120552"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}