Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
ViperSoftX: Hiding in System Logs and Spreading VenomSoftX - Avast Threat Labs
ViperSoftX is a multi-stage stealer that exhibits interesting hiding capabilities. Other than stealing cryptocurrencies, it also spreads the VenomSoftX browser extension, which performs man-in-the-browser attacks.
Over 2 million users Affected with Browser Hijackers
Cyble Research & Intelligence Labs analyzes the recent surge in users being infected by Browser Hijackers using Chrome plugins.
The Case of Cloud9 Chrome Botnet
The Zimperium zLabs team recently discovered a malicious browser extension, originally called Cloud9, which not only steals the information available during the browser session but can also install malware on a user's device and subsequently assume control of the entire device. In this blog, we will take a deeper look into this malicious browser extension.
Crime group hijacks hundreds of US news websites to push malware
A cybercriminal group has compromised a media content provider to deploy malware on the websites of hundreds of news outlets in the U.S. according to cybersecurity company Proofpoint.
Dormant Colors browser hijackers could be used for more nefarious tasks, report says
Dormant Colors, a browser extension campaign, was spotted stealing browser data and hijacking search results and affiliation to thousands of sites.
“Dormant Colors”: Live Campaign With Over 1M Data Stealing Extensions Installed
The “Dormant Colors” is yet another vast campaign of malicious extensions with millions of active installations worldwide, this time with a color-related theme and full of deception all through the chain. It starts with the trickery malvertising campaign, continues with a crafty novel way to side-load the real malicious code without anyone noticing (until now!), and finally with stealing not only your searches and browsing data, but also affiliation to 10,000 targeted sites — a capability that is easily leveraged for targeted spear phishing, account takeover and credential extraction — all using this powerful network of millions of infected computers worldwide!
Malvertising on Microsoft Edge's News Feed pushes tech support scams
We uncovered a campaign on the Microsoft Edge home page where malicious ads are luring victims into tech support scams.
Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users
A few months ago, we blogged about malicious extensions redirecting users to phishing sites and inserting affiliate IDs into cookies of eCommerce sites. Since that time, we have investigated several other malicious extensions and discovered 5 extensions with a total install base of over 1,400,000 "...the extensions also track the user’s browsing activity."
Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
ChromeLoader: New Stubborn Malware Campaign
In January 2022, a new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands of users and organizations.
A New Attack Can Unmask Anonymous Users on Any Major Browser
Researchers have found a way to use the web's basic functions to identify who visits a site—without the user detecting the hack.
2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP!
Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild.
ViperSoftX: Hiding in System Logs and Spreading VenomSoftX - Avast Threat Labs
ViperSoftX is a multi-stage stealer that exhibits interesting hiding capabilities. Other than stealing cryptocurrencies, it also spreads the VenomSoftX browser extension, which performs man-in-the-browser attacks.
Over 2 million users Affected with Browser Hijackers
Cyble Research & Intelligence Labs analyzes the recent surge in users being infected by Browser Hijackers using Chrome plugins.
The Case of Cloud9 Chrome Botnet
The Zimperium zLabs team recently discovered a malicious browser extension, originally called Cloud9, which not only steals the information available during the browser session but can also install malware on a user's device and subsequently assume control of the entire device. In this blog, we will take a deeper look into this malicious browser extension.
Crime group hijacks hundreds of US news websites to push malware
A cybercriminal group has compromised a media content provider to deploy malware on the websites of hundreds of news outlets in the U.S. according to cybersecurity company Proofpoint.
Dormant Colors browser hijackers could be used for more nefarious tasks, report says
Dormant Colors, a browser extension campaign, was spotted stealing browser data and hijacking search results and affiliation to thousands of sites.
“Dormant Colors”: Live Campaign With Over 1M Data Stealing Extensions Installed
The “Dormant Colors” is yet another vast campaign of malicious extensions with millions of active installations worldwide, this time with a color-related theme and full of deception all through the chain. It starts with the trickery malvertising campaign, continues with a crafty novel way to side-load the real malicious code without anyone noticing (until now!), and finally with stealing not only your searches and browsing data, but also affiliation to 10,000 targeted sites — a capability that is easily leveraged for targeted spear phishing, account takeover and credential extraction — all using this powerful network of millions of infected computers worldwide!
Malvertising on Microsoft Edge's News Feed pushes tech support scams
We uncovered a campaign on the Microsoft Edge home page where malicious ads are luring victims into tech support scams.
Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users
A few months ago, we blogged about malicious extensions redirecting users to phishing sites and inserting affiliate IDs into cookies of eCommerce sites. Since that time, we have investigated several other malicious extensions and discovered 5 extensions with a total install base of over 1,400,000 "...the extensions also track the user’s browsing activity."
Busting browser fails: What attackers see when they hack your employees’ browser
Hackad hacker outlines why a browser is so vital in the cybercrime ecosystem and what CISOs can do to protect employees against browser hacks
ChromeLoader: New Stubborn Malware Campaign
In January 2022, a new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands of users and organizations.
A New Attack Can Unmask Anonymous Users on Any Major Browser
Researchers have found a way to use the web's basic functions to identify who visits a site—without the user detecting the hack.