This is another interesting month for Google’s 3 billion Chrome users, with a U.S. government mandate to update all browsers by June 26 and another update warning this week as further vulnerabilities are discovered. But there’s a very different Chrome threat to your PC, and it’s much more difficult to find and fix.
Already this month we have been warned by LayerX that “a network of malicious sleeper agent extensions” are “waiting for their ‘marching order’ to execute malicious code on unsuspecting users’ computers.” A huge number of Chrome users have at least one extension installed, and extensions are one of the browser’s biggest security risks.
Now Symantec warns that some of the most popular extensions it has analyzed “expose information such as browsing domains, machine IDs, OS details, usage analytics, and more.” The research team says “many users assume that popular Chrome extensions adhere to strong security practices,” but that’s just not the case.
Symantec found that even some big-brand extensions “unintentionally transmit sensitive data over simple HTTP. By doing so, they expose browsing domains, machine IDs, operating system details, usage analytics, and even uninstall information.” Most Windows PC owners use Chrome and extensions, meaning this threat is huge.
More alarmingly, “because the traffic is unencrypted, a Man-in-the-Middle (MITM) attacker on the same network can intercept and, in some cases, even modify this data, leading to far more dangerous scenarios than simple eavesdropping.”
Bugcrowd’s Trey Ford told me “this is a very common way to compromise browsers for various outcomes, ranging from stealing credentials and spying on users, to simply establishing ways to very uniquely identify and track users across the internet. Ultimately this can manifest as a form of malware, and unavoidably create new attack surface for miscreants to attack and compromise a very secure browsing experience.”
Source: Google Chrome Warning Issued For Most Windows PC Users