""While many people see browser extensions as harmless little widgets, oftentimes they have no idea who is actually behind these extensions, and what capabilities they contain within their source code.""
""This campaign underscores a growing blind spot in enterprise security: browser extensions that appear legitimate at install time but evolve into active threats long after they've gained user trust.""
""On the surface, they delivered exactly what users expected - downloading videos, often without watermarks - which helped them build credibility and maintain a low profile.""
""Behind the scenes, however, these extensions operated very differently. They incorporated covert tracking mechanisms and leveraged attacker-controlled remote configuration servers.""
A campaign involving browser extensions masquerading as TikTok video downloaders is compromising user data. Over 130,000 users have been affected, with many installations still active. These extensions, found in trusted marketplaces like Chrome and Edge, often bypass security controls due to their legitimate appearance. They shared a common codebase and provided expected functionalities, which helped them gain user trust. However, they also included covert tracking mechanisms and remote control capabilities, allowing attackers to modify their behavior post-installation.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]