Navigation
Recherche
|
Cyber-Espionage Group Uses Chrome Extension To Infect Victims
mercredi 5 décembre 2018, 23:00 , par Slashdot
In what appears to be a first on the cyber-espionage scene, a nation-state-backed hacking group has used a Google Chrome extension to infect victims and steal passwords and cookies from their browsers. From a report: This is the first time an APT (Advanced Persistent Threat -- an industry term for nation-state hacking groups) has been seen (ab)using a Chrome extension, albeit it's not the first time one has used a browser extension, as the Russian-linked Turla APT previously used a Firefox add-on in 2015. According to a report that's going to be published later today by the ASERT team at Netscout reveals the details of a spear-phishing campaign that's been pushing a malicious Chrome extension since at least May 2018.
Hackers used spear-phishing emails to lure victims on websites copied from legitimate academic organizations. These phishing sites, now down, showed a benign PDF document but prevented users from viewing it, redirecting victims to the official Chrome Web Store page to install a (now removed) Chrome extension named Auto Font Manager. Read more of this story at Slashdot.
rss.slashdot.org/~r/Slashdot/slashdot/~3/vRv2DCv08d0/cyber-espionage-group-uses-chrome-extension-to-...
|
56 sources (32 en français)
Date Actuelle
jeu. 21 nov. - 20:22 CET
|