

Hackers can use Chrome sync to steal passwords through extensions

Croatian information security specialist Bojan Zdrnja discovered that Google Chrome’s built-in sync function could be used by malicious extensions to steal passwords and other personal data from users’ devices.

According to the report, an unnamed malicious extension uses the Chrome Sync function to communicate with the attackers’ remote server, and through this channel the attackers can obtain passwords and other data. Chrome Sync exists to synchronize data between a user’s devices: passwords, bookmarks, browsing history, browser settings and extensions. All of this is stored in the cloud on Google servers.

The malware posed as the Forcepoint security extension and allowed an attacker to control the infected browser. Its code created a special text field to store token keys, which were synchronized with the Google cloud. These keys could carry different data, including passwords.

“To download, read or delete these keys, the attacker only had to log in with the same Google account, but in a different Chrome browser (it could be a one-time account). After that, he could interact with the Chrome browser on the victim’s network, abusing Google’s infrastructure,” wrote Bojan Zdrnja on the Internet Storm Center forum.

The expert advises using Chrome’s enterprise features and group policies to control what installed extensions can do and, if necessary, to block them.
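As an added example (not from the article or from Zdrnja's post), the following Python audit lists extensions in a Chrome profile's `Extensions` directory that are not on an approved list and marks those requesting the `storage` permission, which an extension needs in order to use Chrome's synced storage API. The directory layout `<id>/<version>/manifest.json`, the sample extension IDs and the allowlist are assumptions constructed for illustration.

```python
import json
import tempfile
from pathlib import Path


def audit_extensions(ext_root, allowlist):
    """List installed extensions that are not on the approved allowlist.

    ext_root is assumed to be a Chrome profile's "Extensions" directory,
    laid out as <extension id>/<version>/manifest.json.
    """
    findings = []
    for manifest in sorted(Path(ext_root).glob("*/*/manifest.json")):
        ext_id = manifest.parent.parent.name
        if ext_id in allowlist:
            continue
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
            # Permission entries can be objects; only strings name API permissions.
            perms = {p for p in data.get("permissions", []) if isinstance(p, str)}
        except (OSError, ValueError, AttributeError, TypeError):
            # Unreadable or malformed manifest: report it instead of skipping it.
            findings.append({"id": ext_id, "name": "?", "uses_storage": None})
            continue
        findings.append({"id": ext_id, "name": data.get("name", "?"),
                         "uses_storage": "storage" in perms})
    return findings


def build_sample_profile(root):
    """Constructed sample data: two fake extensions with made-up IDs."""
    samples = {
        "a" * 32: {"name": "Approved Tool", "permissions": ["tabs"]},
        "b" * 32: {"name": "Unknown Helper", "permissions": ["storage", "tabs"]},
    }
    for ext_id, manifest in samples.items():
        version_dir = Path(root) / ext_id / "1.0_0"
        version_dir.mkdir(parents=True)
        (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")


def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample_profile(root)
        return audit_extensions(root, allowlist={"a" * 32})


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Many legitimate extensions also request `storage`, so a hit is a prompt to review an unapproved extension, not proof of abuse.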
