Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Ethical Hackers

Experts Find Malicious Cookie Stuffing Chrome Extensions Used by 1.4 Million Users

admin by admin
August 31, 2022
in Ethical Hackers


Five imposter extensions for the Google Chrome web browser masquerading as Netflix viewers and others have been found to track users’ browsing activity and profit of retail affiliate programs.

“The extensions offer various functions such as enabling users to watch Netflix shows together, website coupons, and taking screenshots of a website,” McAfee researchers Oliver Devane and Vallabh Chole said. “The latter borrows several phrases from another popular extension called GoFullPage.”

CyberSecurity

The browser add-ons in question – available via the Chrome Web Store and downloaded 1.4 million times – are as follows –

  • Netflix Party (mmnbenehknklpbendgmgngeaignppnbe) – 800,000 downloads
  • Netflix Party (flijfnhifgdcbhglkneplegafminjnhn) – 300,000 downloads
  • FlipShope – Price Tracker Extension (adikhbfjdbjkhelbdnffogkobkekkkej) – 80,000 downloads
  • Full Page Screenshot Capture – Screenshotting (pojgkmkfincpdkdgjepkmdekcahmckjp) – 200,000 downloads
  • AutoBuy Flash Sales (gbnahglfafmhaehbdmjedfhdmimjcbed) – 20,000 downloads

The extensions are designed to load a piece of JavaScript that’s responsible for keeping tabs on the websites visited and inject malicious code into e-commerce portals, letting the attackers make money through affiliate programs for purchases made by the victims.

“Every website visited is sent to servers owned by the extension creator,” the researchers noted. “They do this so that they can insert code into eCommerce websites being visited. This action modifies the cookies on the site so that the extension authors receive affiliate payment for any items purchased.”

CyberSecurity

Also incorporated is a technique that delays the malicious activity by 15 days from the time of installation of the extension to avoid raising red flags.

The findings follow the discovery of 13 Chrome browser extensions in March 2022 that were caught redirecting users in the U.S., Europe, and India to phishing sites and exfiltrate sensitive information.

As of writing, three of the four extensions are still available on the web store, with Netflix Party (mmnbenehknklpbendgmgngeaignppnbe) being the only add-on to be purged. Users of the installed extensions are recommended to manually remove them from their Chrome browser to mitigate further risks.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS Without Dumping The LSASS Process Memory

Next Post

IPVanish not working with NowTV? Try this!

Next Post

IPVanish not working with NowTV? Try this!

Recommended

An Advanced Cross-Platform Tool That Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws

7 days ago

Which VPN provider is better?

4 weeks ago

© 2022 Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.