Security News
A malicious extension for Chromium-based web browsers has been observed to be distributed via a long-standing Windows information stealer called ViperSoftX. Czech-based cybersecurity company dubbed the rogue browser add-on VenomSoftX owing to its standalone features that enable it to access website visits, steal credentials and clipboard data, and even swap cryptocurrency addresses via an adversary-in-the-middle attack. The malware's use of a browser extension to advance its information-gathering goals was documented by Sophos threat analyst Colin Cowie earlier this year.
Most western nations like America, Australia etc have legislation "To compell" in one way or abother. Others have placed staff in CA's or by financial manipulation have gained sympathetic help.
The Keksec threat actor has been linked to a previously undocumented malware strain, which has been observed in the wild masquerading as an extension for Chromium-based web browsers to enslave compromised machines into a botnet. Called Cloud9 by security firm Zimperium, the malicious browser add-on comes with a wide range of features that enables it to siphon cookies, log keystrokes, inject arbitrary JavaScript code, mine crypto, and even enlist the host to carry out DDoS attacks.
Researchers at Guardio Labs have discovered a new malvertizing campaign pushing Google Chrome extensions that hijack searches and insert affiliate links into webpages. Because all these extensions offer color customization options and arrive on the victim's machine with no malicious code to evade detection, the analysts named the campaign "Dormant Colors."
In what's a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create "Realistic desktop phishing applications." Application Mode is designed to offer native-like experiences in a manner that causes the website to be launched in a separate browser window, while also displaying the website's favicon and hiding the address bar.
Cybersecurity biz Kaspersky has spotted a modified version of the Tor Browser it says collects sensitive data on Chinese users. The data collected by the browser itself includes internet history and data entered into website forms, said the threat hunter.
A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Browser. The malicious version of the Tor Browser installer is being distributed via a link present in the description of a video that was uploaded to YouTube on January 9, 2022.
A new phishing technique using Chrome's Application Mode feature allows threat actors to display local login forms that appear as desktop applications, making it easier to steal credentials. Because desktop applications are generally harder to spoof, users are less likely to treat them with the same caution they reserve for browser windows that are more widely abused for phishing.
The Brave browser will soon allows users to block annoying and potentially privacy-harming cookie consent banners on all websites they visit. If you visited BleepingComputer from Europe, you may have noticed an annoying cookie consent prompt asking if you would like to accept data-collecting cookies from our advertisers.
Extended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information and in some cases, passwords, to Google and Microsoft respectively. In cases where Chrome Enhanced Spellcheck or Edge's Microsoft Editor were enabled, "Basically anything" entered in form fields of these browsers was transmitted to Google and Microsoft.