Week 8: Chrome and Edge browser extensions turn trojan, harm millions

Eighteen browser extensions for Google's Chrome and Microsoft's Edge have been identified as malicious trojan horse type viruses harming an estimated 2.3 million users. For reference, a trojan virus takes its name from the Greek myth involving the trojan war in which a large wooden horse was presented as a gift to the city of Troy. When the Trojans accepted the gift past their large walls, enemy soldiers jumped out. In our case today a trojan virus is a piece of software which presents as something beneficial to the user but later reviles itself to be malicious.

Specifically the extension Colour Picker Tool--Geco was verified by Google and had over 800 rating in the store with an average rating of 4.2 (an impressive piece of malware). Researcher of the malware stated, "[t]his is a carefully crafted Trojan horse that delivers exactly what is promises...while simultaneously hijacking your browser , tracking every website you visit, and maintaining a persistent command and control backdoor."(Naprys,2025) From this information we can believe this campaign of trojan's was part of a larger project, because no one creates a massive botnet with a C2 server only to leave it alone. As we have studied this week a botnet of this magnitude would be enough to cause some serious damage to a mid-level company.




References:

Naprys, E. (2025, July 11). Chrome, edge users infected by 18 malicious extensions​ | cybernews. CyberNews. https://cybernews.com/security/chrome-edge-hijacked-by-eighteen-malicious-extensions/

Comments

Post a Comment

Popular posts from this blog

Week 1: HTB

      Hack the Box is a wonderful cite for anyone trying to gain both knowledge and hands-on experience in Cyber Security and red/blue team activities. The only downside is the amount of time you have to spend to "get good". HtB is an internationally recognized cite and proving yourself in its various "boxes" will also look very good on a resume.      There are two main ways I would suggest using HtB. One, start in their academy and complete modules and skills on different tools like "nmap", "nc", "sql injections", etc. Once you feel pretty comfertable on your abilities to manage a red team job try out hacking the box. There are hundreds of different puzzles called "boxes" where you will need to use your new skills to exploit the machine. It is incredibly educational and I cannot recommend enough. Charlie
Read more

Week 10: Spear Finishing in Turkey with LNK Files

  Phishing has taken on a new dimension in the last few years: using LNK files (Microsoft specific files that can provide a shortcut from one file to another). The purpose of these files is specifically to open PowerShell and run a command to download more malware from an online server. The group Patchwork has been associated with the recent LNK spear phishing attacks against defense contractors in Turkey specifically. Since 2009 the malware group has been suspected of associating with the State of India making them a formattable threat. References: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/rise-of-lnk-shortcut-files-malware/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/rise-of-lnk-shortcut-files-malware/
Read more

Week 5: Confidentiality and Privacy: do we need new privacy laws?

I am taking mostly historical information here on the various laws enacted between the 1970's and 2000's which have governed the use of Private Identifiable Information by the federal government and private companies in the US. Most of these laws: like HIPAA and the GLBA are incredibly relevant today to safeguarding our most personal data from people who would do use harm. For a long time this meant keep our data out of the hands of hackers and thieves and while that is still relevant today, there is seemingly a large gap between the US's privacy laws concerning private companies, and those of Europe.  The stark difference is in the EU's General Data Protection Regulation (GDPR) and California's Consumer Privacy Act (CCPA) which were adopted in 2018 and 2020 respectively. The GDPR has a government oversight board by which all private companies must abide by. This creates an active participation in holding private companies responsible for consumer data. It is the jo...
Read more