Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Cyber-espionage group uses Chrome extension to infect victims
#1
Quote:In what appears to be a first on the cyber-espionage scene, a nation-state-backed hacking group has used a Google Chrome extension to infect victims and steal passwords and cookies from their browsers.

This is the first time an APT (Advanced Persistent Threat --an industry term for nation-state hacking groups) has been seen (ab)using a Chrome extension, albeit it's not the first time one has used a browser extension, as the Russian-linked Turla APT previously used a Firefox add-on in 2015 [1, 2].

According to a report that's going to be published later today by the ASERT team at Netscout reveals the details of a spear-phishing campaign that's been pushing a malicious Chrome extension since at least May 2018.

Hackers used spear-phishing emails to lure victims on websites copied from legitimate academic organizations. These phishing sites, now down, showed a benign PDF document but prevented users from viewing it, redirecting victims to the official Chrome Web Store page to install a (now removed) Chrome extension named Auto Font Manager.


https://www.zdnet.com/article/cyber-espi...t-victims/
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  QBot phishing uses Windows Calculator sideloading to infect devices mrtrout 0 941 07-25-2022 , 01:25 AM
Last Post: mrtrout
  The hacker group Anonymous has declared cyber warfare on Russia Bjyda 2 2,082 02-26-2022 , 04:08 PM
Last Post: Bjyda
  RansomEXX ransomware Linux encryptor may damage victims' files mrtrout 0 792 09-30-2021 , 09:52 PM
Last Post: mrtrout
  SynAck ransomware gang releases decryption keys for old victims mrtrout 0 793 08-13-2021 , 07:10 AM
Last Post: mrtrout
  Refunds Offered to Victims of Ziggy Ransomware Gang Bjyda 0 986 03-31-2021 , 07:55 PM
Last Post: Bjyda



Users browsing this thread: 1 Guest(s)