Hackers989? ??? ??? ??discovered a new way to remotely take control of your computer — all through the Google Chrome web browser.
A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."
At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.
Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.
When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.
The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.
Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.
After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.
The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.
Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.
What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.
As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.
Anthropology Showcase to Include Film About Wintersburg Preservation
Darth Vader hot air balloon finally flies over its hometown in Bristol
Samsung launches its most powerful mobile chip yet
Apple released a bunch of ASMR videos for some reason
A Comeback Is at Hand
Best VPNs for watching Netflix: NordVPN, ExpressVPN and more
Apple needs to make it easier to manage subscriptions on iOS
Snap goes 3D with Spectacles 3, coming this fall
Classic Japanese Children’s Stories at JACCC
How to block and reduce robocalls without using third
David Henry Hwang Writers Institute New Works Festival Returns
The heartwarming story behind the latest Google Doodle
Apple might update iPad Pros with three rear cameras
Apple released a bunch of ASMR videos for some reason
El Camino to Celebrate Spring with Annual Cherry Blossom Festival
Apple has started 'locking' batteries to iPhones
Samsung reveals $999 Galaxy Book S laptop with 23
These are the 5G
Sand, Paper and Song
'The Art of Racing in the Rain' Review: Bring on the tears
16 brilliant innovations tackling poverty around the world'The Witcher' review: Season 3 ups the monsters for Henry Cavill's last ride'Barbie': Where to buy Ken's 'I am Kenough' sweatshirtAre 'Oppenheimer' and 'Dune' the same movie?'Only Murders in the Building' Season 3 review: All the world's a stage'Oppenheimer': Chicago PileExplained: Who's the old lady on the bench in the 'Barbie' movie?Samsung Galaxy Z Fold 5 vs Fold 4: Specs, price, camerasElon Musk to replace the Twitter bird with an XTV shows to watch (and finish) on a flight Blac Chyna's lawyer says she'll seek restraining orders against Rob Kardashian The unicorn trend is no longer a rarity. Can we please call time on it? Pod of killer whales charge two swimmers in a terrifying display of nature Dancing grandma flashes everyone at Dodgers stadium because she knows how to live Silly dog gets stuck in the backseat Donald Trump nicknames that did nothing to slow his authoritarianism France seeks to end the sale of gas and diesel Emoji sheriffs are patrolling Twitter Justin Trudeau met the Queen of England to the internet's delight So many good doggos celebrated Pride in London along with their humans
0.1544s , 9846.828125 kb
Copyright © 2025 Powered by 【1989? ??? ??? ??】New 'browser syncjacking' cyberattack lets hackers take over your computer via Chrome,Feature Flash
