4/30/2023 0 Comments Chrome web store![]() Yet, as we all know, cybercriminals can be very persistent and creative. Google’s efforts are commendable and have made tangible impacts on these threats. And considering the growing significance browsers enjoy in the cloud-era, this trend is cause for concern. Even though browser extension security is better, it’s far from where it needs to be. ![]() This gatekeeping closed many avenues to would-be attackers, but when you shut a door, they will try to climb over the wall. These steps worked – Google reported that 10% of scanned extensions turned out to be malicious, and it experienced a 75% reduction in customer requests regarding unwanted extensions. This nasty malware used unrestricted permissions to siphon usernames, passwords, and other browser-fed data.īy 2014, Google had begun closing such loopholes by scanning extensions uploaded to the Chrome Web Store, prohibiting ‘silent install’ extensions, limiting native extension installs to the store only, forcibly disabling extensions not associated with the store, and abandoning the antiquated Netscape Plug-in API. Two examples from this early 2010s era are “I Want This” – CRX malware that injected advertising on webpages – and Theola. Malware-infused CRX files started appearing, helped by the fact that – at that stage – users could easily install unvetted third-party extensions. ![]() ![]() As is often the case, cybercriminals saw great opportunities where others didn’t notice a significant threat. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |