Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 07 Jul 2020, 13:17
All times are UTC - 4
 Forum index » Off-Topic Area » Security
500 Chrome Extensions Caught Stealing Private Data
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [9 Posts]  
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 2166
Location: Canada

PostPosted: Sat 15 Feb 2020, 20:16    Post subject:  500 Chrome Extensions Caught Stealing Private Data  

https://thehackernews.com/2020/02/chrome-extension-malware.html

Google removed 500 malicious Chrome extensions from its Web Store after they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers.

These extensions were part of a malvertising and ad-fraud campaign that's been operating at least since January 2019, although evidence points out the possibility that the actor behind the scheme may have been active since 2017.

In addition to requesting extensive permissions that granted the plugins access to clipboard and all the cookies stored locally in the browser, they periodically connected to a domain that shared the same name as the plugin (e.g., Mapstrekcom, ArcadeYumcom) to check for instructions on getting themselves uninstalled from the browser.

Upon making initial contact with the site, the plugins subsequently established contact with a hard-coded C2 domain — e.g., DTSINCEcom — to await further commands, the locations to upload user data, and receive updated lists of malicious ads and redirect domains, which subsequently redirected users' browsing sessions to a mix of legitimate and phishing sites.
Back to top
View user's profile Send private message 
xenial.


Joined: 01 May 2020
Posts: 36
Location: uk

PostPosted: Fri 19 Jun 2020, 08:29    Post subject:  

What an interesting paradox.
The chrome browser itself "steal" or takes your data too,
Back to top
View user's profile Send private message 
mikeslr


Joined: 16 Jun 2008
Posts: 3903
Location: 500 seconds from Sol

PostPosted: Fri 19 Jun 2020, 12:15    Post subject:  

xenial. wrote:
What an interesting paradox.
The chrome browser itself "steal" or takes your data too,


Governments jealously enforce their exclusive right to create money.

And no, that's not a mistake. Contrary to the misinformation spread by Right-Wing Economists and mistakenly assumed by most of the public, Governments don't just remove money created in the Private Sector. Rather, Governments both franchise and control the creation of money. Banks are the franchisees, benefiting from their exclusive licenses to create money but subject to laws limiting how much money (and under what circumstances) it can be created; if and when Governments choose to make and enforce such laws.

Money, like electricity and irrigation, is a flow system. Control the flow and you control who lives and who dies. If you've been paying attention during the last few years, and especially recently, you'll have realized how much Government (and those who actually control it) is involved in the creation and flow of money. We 'haven't had enough money' to feed and house Americans in need; re-build our failing infra-structure which would create jobs in America for Americans. And Universal Health Care will ruin 'the Economy'. But we suddenly have trillions of dollars to prop-up industries, even those which common sense tells you will fail. We can compel those who have to work in order to obtain the flow of money to themselves for food and other necessities to stay home. But our Government chose not to prohibit during that period the continued accumulation of the flow of 'payments due' to those whose income flow is passive: rent, mortgages, finance charges.

And contrary to the dictum of Right-Wing Jurists, money is not "speech". Like information money is power. Money is the social tool we use that enables us to exchange our goods and services with absolute strangers confident that we will receive something in return we can exchange with other strangers. Information is our tool enabling us to choose which exchange best serves our individual interests. Control either and "Freedom" is a synonym of "wishful thinking".
Back to top
View user's profile Send private message 
O.F.I.N.S.I.S.

Joined: 01 Mar 2020
Posts: 162

PostPosted: Fri 19 Jun 2020, 15:26    Post subject:  

Quote:
snippet ...Like information money is power...

Money is the God who's worshiped by almost all men! Wink

_________________
Our Future Is Not Set In Stone
https://www.youtube.com/channel/UCyfyaxCNMduwyXlQFRQKhhQ
https://soundcloud.com/user-633698367
My own build of Bionic64
Back to top
View user's profile Send private message 
Semme


Joined: 07 Aug 2011
Posts: 8404
Location: World_Hub

PostPosted: Fri 19 Jun 2020, 17:52    Post subject:  

Very Happy And women!
_________________
>>> Living with the immediacy of death helps you sort out your priorities. It helps you live a life less trivial <<<
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 2190
Location: N.E. USA

PostPosted: Fri 19 Jun 2020, 18:14    Post subject:  

Google just removed 70 more... most to do with pdf <---> doc and some seearch help.
_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
Back to top
View user's profile Send private message 
O.F.I.N.S.I.S.

Joined: 01 Mar 2020
Posts: 162

PostPosted: Fri 19 Jun 2020, 18:38    Post subject:  

Semme wrote:
Very Happy And women!

Yes! Laughing

_________________
Our Future Is Not Set In Stone
https://www.youtube.com/channel/UCyfyaxCNMduwyXlQFRQKhhQ
https://soundcloud.com/user-633698367
My own build of Bionic64
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1743

PostPosted: Sat 20 Jun 2020, 03:08    Post subject:  

Was just gettig ready to post a similar link to this issue:

https://www.securityweek.com/tens-malicious-chrome-extensions-used-global-surveillance-campaign


I know I am like a broken record as I keep saying this over the years, but STOP using any/all extensions in your browsers. Modify the browser about:config settings yourself (especially Firefox, Palemoon, Seamonkey). You can basically achieve everything you need and/or want by doing a little reading, research and also using (as others have noted) up-to-date block lists.

Regarding about:config (especially in Mozilla-based browsers), 8GEEE and myself have posted numerous times over the years what to modify there. In Chrome config settings, you are severely hamstrung by Google's mood/restrictions.

But in Mozilla-based browsers, there is ZERO reason to run any extension (save for one of the giant ad-blockers that are constantly tested and vetted by the community, i.e. you'd be hard-pressed to find anything better than Ublock Origin...there's a reason, for years now, why it is recommended over and over and over). But modify your about:config settings in your browsers, especially on booted up OSes you keep pristine only for sensitive, important stuff done online.

As the article notes above, using Chrome is and will continue to be a crap-shoot if one keeps on insisting using browser extensions for it (Mozilla-based is no different if you keep using them, especially the outdated extensions and/or the ones dropped by their original owners---which is what online hackers actually look for when targeting this vector).

If you are one of the ones who insist on using the Chrome-based browsers for your sensitive, important stuff online, do yourself a huge favor: STOP using all extensions for it (save for Ublock Origin and/or Ad-block). All others, never download them, never use them. It really is that simple.

Google itself is the first to admit they cannot stay on top of all the extensions and thus have little/zero time to vet them.


P.S. If you are a Mozilla-based user, also do yourself a big favor and pay attention to what Mozilla itself, not any 3rd party, is and has been doing with respect to Containers (and it's beyond easy to set up). It's 'Firefox Multi-Account Containers' is the single biggest thing they have done in years to vastly improve the browsers ability to protect you while online and, most importantly, protect you from yourself (i.e. insisting on clicking on the sexy (or whatever) picture and/or link to get a closer look).
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 2190
Location: N.E. USA

PostPosted: Sun 21 Jun 2020, 21:58    Post subject:  

From Belham2's article, this very important final few words...
Quote:
Some of the malicious extensions would completely bypass the Chrome Web Store, through a self-contained Chromium package included in other extensions, which tricks users into defaulting to a new rogue browser when prompted at first run. Unlike Chrome, this Chromium-based browser accepts extensions from any source, not only those in the Chrome Web Store.

“These rogue browsers appeared to have been installed by existing potentially unwanted programs (PUPs) already present on the victim system. This is very effective since the rogue browsers are self-contained, meaning other than the ability to just execute a program locally, very few other permissions are necessary,” Awake explains.


Until Google reverses course and pre-checks apps before the Store, this WILL continue.
You & I are not paid well enough to test their products. We don't even get a smidgen of click money.

Regards
8Geee

_________________
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [9 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0455s ][ Queries: 11 (0.0028s) ][ GZIP on ]