Hackers have video of girl having sex for first timediscovered a new way to remotely take control of your computer — all through the Google Chrome web browser.
A report from cybersecurity company SquareX lays out the new multifaceted cyberattack, which the firm has dubbed "browser syncjacking."
At the core of the attack is a social engineering element, as the malicious actor first must convince the user to download a Chrome extension. The Chrome extension is usually disguised as a helpful tool that can be downloaded via the official Chrome Store. It requires minimal permissions, further cementing its perceived legitimacy to the user. According to SquareX, the extension actually does usually work as advertised, in order to further disguise the source of the attack from the user.
Meanwhile, secretly in the background, the Chrome extension connects itself to a managed Google Workspace profile that the attacker has set up in advance. With the user now unknowingly signed into a managed profile, the attacker sends the user to a legitimate Google support page which is injected with modified content through the Chrome extension, telling the user they need to sync their profile.
When the user agrees to the sync, they unwittingly send all their local browser data, such as saved passwords, browsing history, and autofill information, to the hacker's managed profile. The hacker can then sign into this managed profile on their own device and access all that sensitive information.
The attack up to this point already provides the hacker with enough material to commit fraud and other illicit activities. However, browser syncjacking provides the hacker with the capability to go even further.
Using the teleconferencing platform Zoom as an example, SquareX explains that using the malicious Chrome extension, the attacker can send the victim to an official yet modified Zoom webpage that urges the user to install an update. However, the Zoom download that's provided is actually an executable file that installs a Chrome browser enrollment token from the hacker's Google Workspace.
After this occurs, the hacker then has access to additional capabilities and can gain access to the user's Google Drive, clipboard, emails, and more.
The browser syncjacking attack doesn't stop there. The hacker can take one further step in order to not just take over the victim's Chrome profile and Chrome browser, but also their entire device.
Through that same illicit download, such as the previously used Zoom update installer example, the attacker can inject a "registry entry to message native apps" by weaponizing Chrome’s Native Messaging protocol. By doing this, the attacker basically sets up a connection "between the malicious extension and the local binary." Basically, it creates a flow of information between the hacker's Chrome extension and your computer. Using this, the hacker can send commands to your device.
What can the hacker do from here? Pretty much anything they want. The attacker will have full access to the user's computer files and settings. They can create backdoors into the system. They can steal data such as passwords, cryptocurrency wallets, cookies, and more. In addition, they can track the user by controlling their webcam, take screenshots, record audio, and monitor everything input into the device.
As you can see, browser syncjacking is nearly completely unrecognizable as an attack to most users. For now, the most important thing you can do to protect yourself from such a cyberattack is to be aware of what you download and only install trusted Chrome extensions.
Topics Cybersecurity Google
Trump praises storm response as historic disaster unfolds in Houston
Facebook: We made a 'terrible error' when we killed everyone
Watch children try to do #MannequinChallenge and adorably fail
'Mr. Robot' creator has a very 'Mr. Robot' response to Trump's presidency
New 'browser syncjacking' cyberattack lets hackers take over your computer via Chrome
Watch children try to do #MannequinChallenge and adorably fail
SNL hosts a Chappelle's Show crossover with The Walking Dead
Katy Perry implores fans to donate to Planned Parenthood
Miami Heat vs. Brooklyn Nets 2025 livestream: Watch NBA online
Pink announces pregnancy with Instagram photo
Watch Chappell Roan's Grammy acceptance speech demanding healthcare for artists
Katy Perry implores fans to donate to Planned Parenthood
Black students barraged by terrifying hate text messages
Hey, Facebook: Social media really can change what people believe
In Paris Agreement speech, Trump never acknowledged the reality of global warming
You won't see the moon look this way again until 2034
Facebook: We made a 'terrible error' when we killed everyone
Behold: Michelle Obama's stunning 'Vogue' cover
Best MacBook deal: Save $200 on 2024 M3 MacBook Air
Facebook says it's not a media company, but it just bought a tool for publishers
Jonathan Escoffery Wins Plimpton Prize; Leigh Newman Wins Terry Southern Prize by The Paris ReviewW. H. Auden Was a Messy Roommate by Seamus PerryQuarantine Reads: ‘The Waves’ by Matt LevinNational Treasure, Elizabeth Spencer by Allan GurganusOn the Timeless Music of McCoy Tyner by Craig Morgan TeicherBread, Banana, Apple, Milk, Goodbye by Jennifer TsengLess Is More by Kyle ChaykaBe Yourself Again by Amina CainQuarantine Reads: The Unconsoled by Emma GarmanLiterary Paper Dolls: Sula by Julia Berick and Jenny KroikW. H. Auden Was a Messy Roommate by Seamus PerryRedux: Pull the Language in to Such a Sharpness by The Paris ReviewThe Phone Call by Jill TalbotKamau Brathwaite: 1930–2020 by Vijay SeshadriYasmin Ahmad’s Multicultural Malaysia by Tash AwNational Treasure, Elizabeth Spencer by Allan GurganusStaff Picks: Demons, Decadence, and Dimes by The Paris ReviewOn the Timeless Music of McCoy Tyner by Craig Morgan TeicherStaff Picks: Dolls, Dakar, and Doomsday Preppers by The Paris ReviewRedux: Pull the Language in to Such a Sharpness by The Paris Review The Star Wars: Galaxy's Edge Datapad is a secret weapon for immersion. NASA blows hole in world's largest rocket fuel tank (on purpose) The Mandalorian becomes a horror movie monster in Chapter 6 Why I use this app instead of Google Maps to get around 8 gifts to get for the person you just started dating Behold, the glory of our Trump White House LEGO set How the entertainment industry can catch up with Apple TV+'s 'See' Giphy launches videos hub with media partners Universal, BBCA Ivanka Trump will reportedly speak at CES AT&T launches real 5G in 10 U.S. cities 'Beauty and the Beast' inspires Doug the pug to find his own love Miley Cyrus, if you really got married this time, please nod your head like YEAH Nintendo Switch has cut deep into porn traffic Spin's San Francisco staff becomes the first e Everybody shut up. Just let us enjoy the kids in the BBC video. Facebook adds lip syncing feature to Portal speakers Instant karma comes for driver skipping line of cars on the freeway Is climate change impacting cuffing season? These are the 5 tech terms you won’t be able to ignore in 2020 YouTube app joins the billion
1.3803s , 8612.9453125 kb
Copyright © 2025 Powered by 【video of girl having sex for first time】,Defense Information Network