Hackers1+ Archivesdiscovered a new way to remotely take control of your computer — all through the Google Chrome web browser.
A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."
At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.
Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.
When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.
The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.
Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.
After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.
The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.
Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.
What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.
As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.
Topics Cybersecurity Google
Best air purifier deal: Save $300 on the Dyson HEPA Big + Quiet air purifier
Staff Picks: Language, Liberation, and LaserJet by The Paris Review
Staff Picks: Maps, Marvels, and Madmen – The Paris Review
Redux: Spreading Privacies on the Internet by The Paris Review
Best GPU deal: Get the MSI RTX 5080 for $1,249.99 at Best Buy
Blueprints for Another World by The Paris Review
Wordle today: The answer and hints for January 12
Announcing The Winners of the 2016 Whiting Awards
Boston Celtics vs. Dallas Mavericks 2025 livestream: Watch NBA online
Explainer: 'Killers of the Flower Moon's ending and cameo
Apple is advertising on Elon Musk's X again
Redux: Her Perfume, Hermit
How to watch Purdue vs. PSU basketball without cable: game time, streaming deals, and more
Whiting Awards 2021: Donnetta Lavinia Grays, Drama
Best external hard drive deal:WD 5TB Elements for $114.99
2021 Whiting Awards: Sylvia Khoury, Drama
Staff Picks: Maps, Marvels, and Madmen – The Paris Review
Poets on Couches: Carrie Fountain Reads Maya C. Popa by Carrie Fountain
Tips for Playing PlayerUnknown's Battlegrounds
How to contact Target customer service
Introducing Our SixtiethYou can now buy Surface replacement parts in the Microsoft StoreRachel Maddow begs viewers to be safe in powerful speech about her wife's COVIDObama surprises YouTube music twins as they listen to his new playlistLiterary Valentines by Timothy Leo TarantoWeirdest Titles of the Year by Sadie SteinMarch Madness by Sadie SteinAnaïs Nin on Heroes by Sadie SteinWhat Dr. Anthony Fauci is doing for ThanksgivingStory Time! by Sadie SteinBookish Cakes, and Other News by Sadie SteinGossip Archaeology with Edmund White by Stephanie LaCava'Black Mirror' used books as clues in 'Beyond the Sea'Introducing Our SixtiethAmerica in Love, and Other News by Sadie SteinEmergent by Jill TalbotA Week in Culture: Tim Small, Publisher, Writer, Filmmaker by Tim SmallMarch Madness by Sadie SteinAmerica in Love, and Other News by Sadie SteinA Week in Culture: Tim Small, Publisher, Writer, Filmmaker by Tim Small In loving memory of Joe Keery's 'Stranger Things' hair, R.I.P. 'Big Bang Theory' actor brings #MuslimBan protests to the red carpet J.K. Rowling calmly crushes yet another troll with chihuahua With 'A Little Late,' Lilly Singh quietly overhauls late night Comedian creates commercials for Obamacare registration since Trump pulled the ads 'Irresponsible and irrational:' Aussie startups speak out on Muslim ban Facebook bans more than 200 white supremacist groups, updates terrorism definition Sadly, it's probably time to think about upgrading from your iPhone 6S All the best protest signs from the weekend of Muslim ban demonstrations Meet Lovely, the sex toy that's like a FitBit for your dick Obama's first statement since leaving the White House is a three A nice watering can will trick you into feeling like you're good at plant care Uber, Ola ordered to halt ride Google is pulling the plug on YouTube's TV Netflix's 'Unbelievable' offers cop drama with consequence: Review How to talk to kids about climate change New SNL cast member Shane Gillis responds to backlash over racist slurs, still doesn't get it Amazon Music HD is here to steal audiophiles away from Tidal Zendaya offers modeling job to woman bullied on Twitter Alternativefacts.com exists and it's been redirected to the perfect site
3.0737s , 10137.2421875 kb
Copyright © 2025 Powered by 【21+ Archives】,Warmth Information Network