An add-on was detected abusing the synchronization feature in Google Chrome, the world's most used internet browser. With this extension, users' data can be stolen.
Synchronization is one of the features that Google Chrome offers its users. After the user logs in to a Google account, it allows Chrome's history, bookmarks, passwords, and browser and extension settings to be copied.
This feature keeps data synchronized across the user's devices. That way, no matter which device the user runs Chrome on, they can easily access all of their data from the application. Of course, as you can imagine, attackers have emerged who take advantage of this.
Attackers taking advantage of the Chrome sync feature
Having realized that they can take advantage of Chrome sync, attackers use the feature to send commands to, and steal data from, browsers that are already compromised. Thanks to the Chrome extensions they create, they can bypass firewalls.
According to a report in Digital Information World, security consultant Bojan Zdrnja discovered a malicious Chrome extension. This add-on uses the Chrome sync feature as a channel for communicating with command and control servers in order to extract data from compromised browsers.
The attacker downloaded the extension to the Chrome browser on the victim's computer and installed it through Developer Mode. He could do this because he had already taken control of the computer. The extension contained code that abused the Chrome sync feature. Thanks to this code, the attacker was able to gain control over the victim's browser and cloud storage.
To gain full control over the synchronized data, the attacker had to log in to the same Google account on another device with Chrome. Google has in fact taken precautions against such extensions and removed many of them from the store. However, this extension could get past them because of the difference in how it works. Zdrnja identified these activities last week and reported them to Google.
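A defender can look for the install path described above: extensions loaded through Developer Mode that request the `storage` permission, which is what an extension needs to use Chrome's synced storage API. The following is an added example, not code from the article or from Zdrnja's report. It assumes the profile's extension settings JSON lists each extension under `extensions.settings` with a `location` code (4 for unpacked) and an on-disk `path`; the function names and the sample data are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

UNPACKED = 4  # assumption: location code Chrome records for "Load unpacked" installs


def audit_unpacked_extensions(prefs):
    """List Developer Mode extensions and flag those requesting 'storage'."""
    findings = []
    settings = prefs.get("extensions", {}).get("settings", {})
    for ext_id, entry in sorted(settings.items()):
        if not isinstance(entry, dict) or entry.get("location") != UNPACKED:
            continue
        manifest, path = {}, entry.get("path")
        if path:
            try:
                loaded = json.loads(Path(path, "manifest.json").read_text("utf-8"))
                manifest = loaded if isinstance(loaded, dict) else {}
            except (OSError, ValueError):
                pass  # folder gone or manifest unreadable: still report the entry
        perms = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
        findings.append({
            "id": ext_id,
            "path": path,
            "name": manifest.get("name"),
            "manifest_found": bool(manifest),
            "requests_storage": "storage" in perms,
        })
    return findings


def run_demo():
    """Constructed sample: one store extension and two unpacked ones."""
    with tempfile.TemporaryDirectory() as tmp:
        ext_dir = Path(tmp, "unpacked_sample")
        ext_dir.mkdir()
        (ext_dir / "manifest.json").write_text(json.dumps({
            "name": "Constructed Sample", "version": "1.0",
            "manifest_version": 2, "permissions": ["storage", "tabs"],
        }), encoding="utf-8")
        prefs = {"extensions": {"settings": {
            "a" * 32: {"location": 1, "path": "a" * 32 + "/1.0_0"},
            "b" * 32: {"location": UNPACKED, "path": str(ext_dir)},
            "c" * 32: {"location": UNPACKED, "path": str(Path(tmp, "missing"))},
        }}}
        return audit_unpacked_extensions(prefs)


if __name__ == "__main__":
    for finding in run_demo():
        print(finding)
```

An unpacked entry whose folder no longer exists is still reported, since a removed extension directory is itself worth a look during triage.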
Source :
https://www.digitalinformationworld.com/2021/02/an-extension-was-discovered-that.html