- A new highjacking attack targets Chrome browsers
- It could steal all your browser data and even from your OS
- There are several ways for users to fight back
Whether you believe it to be the best web browser, Google Chrome is undoubtedly the most popular search engine by a landslide. For that reason, it remains a popular target for hackers as well. And now, a massive new threat is on the horizon, which could threaten billions of users.
A new attack called ‘Browser Syncjacking’ has been discovered by security researchers at the cybersecurity firm SquareX (reported on by BleepingComputer). Though it requires several steps, it’s shockingly easy for the average Chrome user to fall victim, as it needs minimal permissions.
First, a malicious Google Workspace domain is created with multiple user profiles, and security features like multi-factor authentication are disabled. This is used to create managed profiles in the background of the victim’s devices. Then, hackers will then create a malicious Chrome extension to launch on the official Chrome Store, appearing as a useful tool to attract potential victims.
Once any potential victims install the extension, it hides a browser window that runs in the background to log the victim into one of the Workspace profiles previously made. The final step involves tricking the victim into activating Chrome sync by opening a very real Chrome support page that’s been tampered with, then guiding them through turning on sync. If this happens, that person’s full Chrome account and stored data — including browsing history and passwords — are now available on the hacker’s profile.
From here, as SquareX explains, a victim’s entire browser can be taken over, often through a seemingly innocent Zoom invite that, if accepted, gets malicious content from that Chrome extension injected into it. If the victim falls for a prompt that asks to update Zoom, the update (actually an executable file that contains an enrollment token) will allow the hacker to control the browser completely.
Not only does this give hackers free reign over any data stored in your browser and allow them to spy on any websites you browse (and see any sensitive information you input), but it also allows them to access your OS to “install malware, capture keystrokes, extract sensitive data and even activate a device’s webcam and microphone,” as Tom’s Guide details.
How do you stay safe?
This all sounds overwhelming and even impossible to avoid since the attacks require so little input from users to get the ball rolling. But there are ways to keep your browser safe from harm.
The first is to avoid installing new Google Chrome extensions while limiting the ones you already have. If you really need to install anything new, make sure to research it and its developers for signs of suspicious activity.
It’s also essential to have the best antivirus software, which will automatically scan your PC or Mac regularly and immediately alert you to suspicious activity. It’s best to store passwords in the best password managers instead of in the browser, protecting them from hackers’ prying eyes.
There are always new attacks on the horizon, but it’s vital to stay vigilant in your online activity and be careful of extensions and software you download. This will always serve to protect your browser and computer.
