Cybersecurity researchers have demonstrated a new technique that allows you to expand the malicious browser to bring themselves for any installed additions.
“Polymorphic extensions create a pixel perfect copy of the target icon, HTML Popup, work processes and even temporarily disables the legitimate expansion, making it extremely convincing to the victims that they provide real expansion, Squarex – Note In a report published last week.
The proclamated powers can then be abused by the threat of internet capture and gain unauthorized access to sensitive personal and financial information. The attack affects all chromium-based web browsers, including Google Chrome, Microsoft Edge, Brave, Opera and others.
The banks approach to the fact that users usually secure the browser tool panel. In a hypothetical attack scenario, the threatening actors could publish polymorphic expansion in the Chrome web shop (or in any expansion market) and mask it into use.
While the app provides advertised functionality to avoid any suspicion, it activates malicious features in the background, actively scanning the presence of web resources that correlate with certain targeted extensions using a technique called Heb Resource.
Once a suitable expansion of the target is detected, the attack goes to the next stage, resulting in a replica of legitimate expansion. This is carried out by changing the Rogue extension icon to match the goal and temporarily disable the actual supplement through API “Chrome.Management”, which causes it to be removed from the toolbar.
https://www.youtube.com/watch?v=i5pifa3jty
“The polymorphic expansion attack is extremely powerful because it uses a person’s inclination to rely on visual signals as confirmation,” Squarex said. “In this case, the expansion icons on the pinched panel are used to inform users about the tools they interact with.”
The conclusions come in a month after the company too disclosed Another method of attack called Browser Synckcking, which allows you to seize control over the victim’s device with a seemingly harmless browser extension.
