Hackers have revenge sex videosdiscovered a new way to remotely take control of your computer — all through the Google Chrome web browser.
A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."
At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.
Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.
When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.
The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.
Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.
After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.
The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.
Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.
What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.
As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.
Topics Cybersecurity Google
Amazon CEO tries to sell kids on working on the moon
Amazon Spring Sale 2025: Best deals on cleaning supplies
Amazon Big Spring Sale 2025: Best outdoor security camera deals
Amazon Spring Sale 2025: Kindle Colorsoft at record
The White House might have inflated Trump's golf record, because this is how we live now
Amazon Big Spring Sale 2025: Best Beats Studio Buds deal
Napster was just acquired for $207 million by a 3D tech company
Samsung smart glasses with touchless controls nearly ready, report says
HP Touchscreen Laptop deal: Get $240 off at Best Buy
Bolivia vs. Uruguay 2025 livestream: Watch World Cup Qualifiers for free
Watch Chappell Roan's Grammy acceptance speech demanding healthcare for artists
Amazon Big Spring Sale travel deals: Luggage, chargers, and more
Today's Hurdle hints and answers for March 25, 2025
Solar eclipse glasses: Shop these options at Amazon that will arrive before Saturday
Clean energy projects soared in 2016 as solar and wind got cheaper
Amazon Spring Sale 2025: Best Fire Stick deal
Amazon's Big Spring Sale is live: Everything you need to know
TurboTax Deluxe + State 2024 deal: $55.99
We'll always, er, sorta, have the Paris Climate Agreement
NYT mini crossword answers for March 25, 2025
Third nor'easter in 3 weeks to hit New England: What's going on here?Scientists find rare type of ice, dubbed IceNot one soul, not even this cute fox, is prepared for Daylight SavingsDisney theories ranked by just how little they make senseHands on with the Bose AR augmented reality sunglassesEd Sheeran wows fans with a free gig in Australian lanewayRIP Claire's, the purest store in any mallJohn Krasinski's 'A Quiet Place' will make you screamApple patents a crumbApple is buying Texture, a digital magazine subscription servicePizza Hut vs. Domino's vs. Papa John's and more: Trash Pizza, rankedJames Blunt just came for John Mayer with a hilarious tweetSpotify is now crowdsourcing music dataLarry Page's Kitty Hawk to launch flying taxi service in New ZealandBeyoncé is going back on tour with JayRIP Claire's, the purest store in any mallThis tweet about putting your last text on your tombstone has got some incredible resultsFlippy the burgerHollywood's scariest supercomputer joins the Amazon Alexa familyPizza Hut vs. Domino's vs. Papa John's and more: Trash Pizza, ranked Martin Luther King's Radical Anticapitalism Japanese Tea, Rockets, and Switchblades: Tom Sachs and David Searcy Sex in the Garden How French Libertines Are Reckoning With #MeToo The 15 most binge The Unchanging, Ever I review cheap gaming laptops for a living. This is the best one under $1,000. Arthur Miller’s Sassy Defense of the NEA The Cornel West–Ta Robot Mop Black Friday deal: Over $150 off iRobot Braava Jet M6 The ancestor trend on TikTok, explained. Apple AirPods Pro Black Friday deal: $80 off at Walmart Redux: Dorothy Parker, Alexia Arthurs, Elena Wilkinson The Age of Graffiti The Impossibility of Knowing Mark Twain by Gary Scharnhorst 'Ted Lasso' star Hannah Waddingham is announced as Eurovision co Nicanor Parra, the Alpha The Calla Lilies Are in Bloom Again NYT's The Mini crossword answers for November 23 Viral Thanksgiving grandma and guest share their eighth holiday with Airbnb stranger
2.4398s , 10520.546875 kb
Copyright © 2025 Powered by 【revenge sex videos】,Unobstructed Information Network