More Chrome Extensions Getting Compromised

August 17, 2017
by Gagah Putra Arifianto
English / Writing

I feel like this is gonna be a new trend. From Threatpost:

The number of compromised Chrome browser extensions is growing beyond the initial Aug. 1 hijacking of the OCR add-on called Copyfish. Added to list are seven additional legitimate Chrome Extensions that attackers took over and used to manipulate internet traffic and web-based ads, according to researchers at Proofpoint.

I first realized that Chrome extensions are a legit vector for Malware after watching my father installing an extension that asks for “Access to all the website that you visit” without even thinking about it. It’s similar to early Android, in which permissions are wide open.

Chrome revolutionized the way browser handles web by introducing the concept of sandboxing. Unfortunately extensions permission-based security, with the majority of users unaware or simply doesn’t care, break all of this. Time for Google to act.

Related posts:

  1. Apple Continues Being Apple.
  2. Foxconn Might Not Land in Indonesia After All: A Thought.
  3. “I thought making a high-quality app was the hard part that was keeping iPad magazines from being more successful”
  4. Privatized ‘Shuttle’ Mass Transport Sucks. Just Don’t Do It.

The Author

I write stuff, A recovering RSS feed addicts.