Cyble Research & Intelligence Labs analyzes the recent surge in users being infected by Browser Hijackers using Chrome plugins.

The “Dormant Colors” is yet another vast campaign of malicious extensions with millions of active installations worldwide, this time with a color-related theme and full of deception all through the chain. It starts with the trickery malvertising campaign, continues with a crafty novel way to side-load the real malicious code without anyone noticing (until now!), and finally with stealing not only your searches and browsing data, but also affiliation to 10,000 targeted sites — a capability that is easily leveraged for targeted spear phishing, account takeover and credential extraction — all using this powerful network of millions of infected computers worldwide!

Some of the largest websites in the world have exposure to sending Google and Microsoft sensitive user PII, including username, email, and passwords

A few months ago, we blogged about malicious extensions redirecting users to phishing sites and inserting affiliate IDs into cookies of eCommerce sites. Since that time, we have investigated several other malicious extensions and discovered 5 extensions with a total install base of over 1,400,000 "...the extensions also track the user’s browsing activity."

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

High CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. Google is aware that an exploit for CVE-2022-1096 exists in the wild.

The year's 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems.

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

High CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. Google is aware that an exploit for CVE-2022-1096 exists in the wild.