The Hacker News — Cyber Security and Hacking News Website: Browser extensions

Critical Flaw Reported in Popular Evernote Extension for Chrome Users

June 13, 2019 | Swati Khandelwal
Cybersecurity researchers have discovered a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed. Evernote is a popular service that helps people take notes and organize their to-do task lists, and over 4,610,000 users have been using its Evernote Web Clipper extension for the Chrome browser. Discovered by Guardio, the vulnerability (CVE-2019-12592) resided in the way the Evernote Web Clipper extension interacts with websites, iframes and inject scripts, eventually breaking the browser's same-origin policy (SOP) and domain-isolation mechanisms. According to researchers, the vulnerability could allow an attacker-controlled website to execute arbitrary code in the browser in the context of other domains on behalf of users, leading to a Universal Cross-site Scripting (UXSS or Universal XSS) issue. "A full exploit that would allow loading a remote hacker contr

Over 20 Million Users Installed Malicious Ad Blockers From Chrome Store

April 19, 2018 | Mohit Kumar
If you have installed any of the below-mentioned ad blocker extensions in your Chrome browser, you could have been hacked. A security researcher has spotted five malicious ad blocker extensions in the Google Chrome Store that had already been installed by at least 20 million users. Unfortunately, malicious browser extensions are nothing new. They often have access to everything you do online and could allow their creators to steal any information victims enter into any website they visit, including passwords, web browsing history and credit card details. Discovered by Andrey Meshkov, co-founder of Adguard, these five malicious extensions are copycat versions of some legitimate, well-known ad blockers. Creators of these extensions also used popular keywords in their names and descriptions to rank at the top of the search results, increasing the possibility of getting more users to download them. "All the extensions I've highlighted are simple rip-offs with a few lines of co

8 More Chrome Extensions Hijacked to Target 4.8 Million Users

August 16, 2017 | Swati Khandelwal
Extensions for Google's Chrome web browser are under attack, with a series of developers being hacked within the last month. Almost two weeks ago, we reported how unknown attackers managed to compromise the Chrome Web Store account of a developer team and hijacked the Copyfish extension, and then modified it to distribute spam correspondence to users. Just two days after that incident, some unknown attackers hijacked another popular extension, 'Web Developer', and then updated it to directly inject advertisements into the web browsers of its over 1 million users. After Chris Pederick, the creator of the 'Web Developer' Chrome extension that offers various web development tools to its users, reported to Proofpoint that his extension had been compromised, the security vendor analysed the issue and found further add-ons in the Chrome Store that had also been altered. According to the latest report published by the researchers at Proofpoint on Monday, the expanded

Critical RCE Vulnerability Found in Cisco WebEx Extensions, Again — Patch Now!

July 17, 2017 | Swati Khandelwal
A highly critical vulnerability has been discovered in the Cisco Systems’ WebEx browser extension for Chrome and Firefox, for the second time this year, which could allow attackers to remotely execute malicious code on a victim's computer. Cisco WebEx is a popular communication tool for online events, including meetings, webinars and video conferences, that helps users connect and collaborate with colleagues around the world. The extension has roughly 20 million active users. Discovered by Tavis Ormandy of Google Project Zero and Cris Neckar of Divergent Security, the remote code execution flaw (CVE-2017-6753) is due to a design defect in the WebEx browser extension. To exploit the vulnerability, all an attacker needs to do is trick victims into visiting a web page containing specially crafted malicious code using a browser with the affected extension installed. Successful exploitation of this vulnerability could result in the attacker executing arbitrary code with th

'Web Of Trust' Browser Add-On Caught Selling Users' Data — Uninstall It Now

November 08, 2016 | Swati Khandelwal
Browser extensions have become a standard part of the most popular browsers and an essential part of our lives for surfing the Internet. But not all extensions can be trusted. One such innocent-looking browser add-on has been caught collecting the browsing history of millions of users and selling it to third parties for money. An investigation by German television channel NDR (Norddeutscher Rundfunk) has discovered a series of privacy breaches by Web Of Trust (WOT), one of the top privacy and security browser extensions, used by more than 140 million online users to help keep them safe online. Web of Trust has been offering a "Safe Web Search & Browsing" service since 2007. The WOT browser extension, which is available for both Firefox and Chrome, uses crowdsourcing to rate websites based on trustworthiness and child safety. However, it turns out that the Web of Trust service collects extensive data about netizens' web browsing habits via its brows

AdBlock Extension has been Sold to an 'Unknown Buyer'

October 03, 2015 | Mohit Kumar
Shocking! The Adblock extension that blocks annoying online advertising has been sold... And more shocking, the most popular "Adblock Extension", with more than 40 million users, was quietly sold to an unknown buyer... Michael Gundlach, the creator of the widely used Adblock extension, refuses to disclose who purchased his company and how much it was sold for, just because the buyer wishes to remain anonymous. After seeing a popup message (as shown) in their browsers this week, Adblock users are literally going crazy. "I am selling my company, and the buyer is turning on Acceptable Ads," Gundlach said. Holy Sh*t! NSA Buys Adblock? The 'anonymous buyer' conspiracy has caused concern for Adblock users, and they have raised a number of questions on social media sites, such as: Should I trust AdBlock Extension anymore? Who owns the software I have installed? Is it NSA? Also, reportedly, Michael Gun

LinkedIn Hack Tool Exposes Users' Emails without Exploiting Any Vulnerability

April 03, 2014 | Anonymous
A free Chrome, Firefox and Safari web browser plugin floating around the web, called 'Sell Hack', allows users to view the hidden email address of any LinkedIn user, which means anyone can grab the email addresses that we use for professional purposes. When installed, the 'Sell Hack' plugin will pop up a 'Hack In' button on LinkedIn profiles and then automatically mines the email addresses of LinkedIn users. NOT A SECURITY BREACH: It's not a security breach; LinkedIn has confirmed that no LinkedIn data has been compromised. Rather, this free extension relies on an algorithm that checks publicly available data in order to guess users’ email addresses. So, without exploiting any loophole or vulnerability, Sell Hack is capable of predicting users' email addresses with OSINT (Open-Source Intelligence) techniques, i.e. information collected from publicly available sources. It is also possible that the Sell Hack extension is gathering data from

Facebook 'Watch naked video of friends' malware scam infects 2 million people

March 08, 2014 | Wang Wei
We have seen a lot of Facebook malware and virus infections spreading through friends lists, and this time a new clickjacking scam campaign is going viral on Facebook. Hackers spam Facebook timelines with a friend's picture and "See (Friend)'s naked video," or "(Friend Name's) Private Video." The picture appears to have been uploaded by a friend, and you might definitely want to see some of your Facebook friends naked, but beware! If you get curious and click, you will be redirected to a malicious website that reports that your Flash Player is not working properly and needs to be re-installed. But in actuality it will install malware on your system, and once approved, several disguised things can happen to you. It further installs a malicious browser extension to spread the scam and steal users’ photos. "When the link is clicked, users are sent to a very realistic-looking mockup of a YouTube page, where the hackers will try to imme

Google adds its Chrome apps and extensions to Bug Bounty Program

February 06, 2014 | Anonymous
Google's Vulnerability Reward Program, which started in November 2010, offers a hefty reward to anyone who finds a good vulnerability in its products. Now Google is getting a little more serious about the security of its Chrome browser and has expanded its Bug Bounty Program to include all Chrome apps and extensions developed and branded as "by Google". The Internet is a platform which has become a necessary medium for performing our daily tasks like reading news, paying bills, playing games and scheduling meetings, and everything we perform on this platform is possible only because of the various applications maintained by the service providers. "We think developing Chrome extensions securely is relatively easy, but given that extensions like Hangouts and GMail are widely used, we want to make sure efforts to keep them secure are rewarded accordingly," Google said in a blog post. Not only this, to improve the security of open-source proje

Adware Companies buying popular Chrome extensions to inject Ads and Malware

January 20, 2014 | Wang Wei
Browser extensions are extra features and functionality that you can easily add to Google Chrome, Firefox and other popular browsers, but they can be used to serve malicious adware, which automatically renders advertisements in order to generate revenue for its author. Hackers are now taking their business rather more seriously than we thought. Even a single instance of malicious adware on your PC can inject bad ads or malware into your browser. Ads are a legitimate way to monetize. However, creating and spreading a fresh add-on to get a large user base is always tough, but now adware companies have found a new trick, i.e. buying trusted browser extensions with a large user base and exploiting their auto-update status to push out adware. Recently, the developer of the 'Add to Feedly' Chrome extension with 30,000+ users, Amit Agarwal, was approached by some mysterious buyers. “It was a 4-figure offer for something that had taken an hour to create and I agreed to the deal,” he said. "

Google Chrome adds automatic malware blocking for suspicious downloads

November 02, 2013 | Wang Wei
Today, malware is a very real threat, and if you’re not careful about what you download and install, you could end up with a serious problem. But now Google will be trying its very best, on your behalf, to block malware from installing itself on your computer. Google has developed a security feature for Chrome that lets the browser detect and stop malware downloads. The feature has been added to Chrome Canary, the latest version of the browser, which is available to download in beta form now. All you’ll see is a notification like the one below, which you can then dismiss: "These malicious programs disguise themselves so you won't know they're there and they may change your homepage or inject ads into the sites you browse. Worse, they block your ability to change your settings back and make themselves hard to uninstall, keeping you trapped in an undesired state," wrote Linus Upson, a Google vice president, in a blog post. Google is implementing

Remotely controlled Malware as Browser extensions

October 27, 2012 | Mohit Kumar
"Browser extensions extend the functionality of the web browser. These extensions improve the appearance, functionality, security or other parts of the browser. Extensions were also developed with malicious intent, in order to generate revenue or just spread the code between more and more browsers. The possibility of a malicious browser extension is almost infinite, but we have not seen very powerful malicious extensions yet." Security researcher Zoltan Balazs has developed a remote-controlled piece of malware that functions as a browser extension. The researcher plans to release the malware's source code on GitHub during a presentation at the Hacker Halted security conference in Miami next Tuesday. This malware browser extension is capable of modifying Web pages, downloading and executing files, hijacking accounts, bypassing two-factor authentication security features enforced by some websites, and much more. Balazs is also expected to demonstrate how the proof