Slashdot Mirror


Cyber-Espionage Group Uses Chrome Extension To Infect Victims (zdnet.com)

In what appears to be a first on the cyber-espionage scene, a nation-state-backed hacking group has used a Google Chrome extension to infect victims and steal passwords and cookies from their browsers. From a report: This is the first time an APT (Advanced Persistent Threat -- an industry term for nation-state hacking groups) has been seen (ab)using a Chrome extension, albeit it's not the first time one has used a browser extension, as the Russian-linked Turla APT previously used a Firefox add-on in 2015. A report that's going to be published later today by the ASERT team at Netscout reveals the details of a spear-phishing campaign that's been pushing a malicious Chrome extension since at least May 2018.

Hackers used spear-phishing emails to lure victims to websites copied from legitimate academic organizations. These phishing sites, now down, showed a benign PDF document but prevented users from viewing it, redirecting victims to the official Chrome Web Store page to install a (now removed) Chrome extension named Auto Font Manager.

25 comments

  1. Moscow Donald's Campaign Manager is IN PRISON by Anonymous Coward · · Score: -1

    Donald Trump is going to prison for treason and his uneducated racist supporters can't do anything about it.

    1. Re:Moscow Donald's Campaign Manager is IN PRISON by Anonymous Coward · · Score: -1

      Amen! Round up nazi supporters and hang them for treason. Dibs on that little spineless faggot Ken Doll, I want his bitch liver to make into a purse for his mom as a condolence gift. She raised a treasonous little faggot. Sad!

    2. Re: Moscow Donald's Campaign Manager is IN PRISON by Anonymous Coward · · Score: -1

      Somehow you've convinced your Marxist paymasters to waste money on Slashdot, a has-been site that gets less traffic than a Tumblr blog about corgis.

      I salute your expert, if possibly ironic, mastery of capitalism.

    3. Re: Moscow Donald's Campaign Manager is IN PRISON by Anonymous Coward · · Score: -1

      Let me tell you exactly why this story is so good.
      Sometimes a crime is committed and usually it suffice to say what the crime was, who committed it, was there a weapon etc.
      Now this particular story is somewhat unique in that you really will not understand the story by simply stating the facts.
      This story happened in real-time. It is not equivalent to stories who's salient part was a single event that could be described to the reader.
      Luckily for this story, this writer understands it. These stories probably come around often enough and a writer like this comes around often enough but once in a while this quality writer gets to write about this kind of story.
      The writer thinks about how they can expose the true depth of the story by describing events in a sequence and yet all in a single narrative so that the reader can drink in the multiple events as though they were a single event.
      Today I may be lucky enough to witness this in action.
      So as you read or scan this article see what the author does.
      Also, when this kind of author hears about this kind of story, they usually feel compelled to write it up and send it to slashdot

    4. Re:Moscow Donald's Campaign Manager is IN PRISON by Anonymous Coward · · Score: 0

      Sure buddy

    5. Re: Moscow Donald's Campaign Manager is IN PRISON by Anonymous Coward · · Score: 0

      W-w-wahhhh it's unfair, how can Donald Trump be hanged for treason and his bitch beta traitor sons die in Federal Prison, soooooo unfaaaaaaaaaiiiiiir! What about the Magnitsky Act?!? How will I felate Putin now!? Manually???

      What, shirtless on horseback? Well, at least it's better than felating Donald "Toad" Drumpf...

  2. APK can fix this by Anonymous Coward · · Score: 0

    Unless he is hosting some penetration if you know what I mean

    1. Re:APK can fix this by Anonymous Coward · · Score: 0

      I came here only to see APK's reaction to bad apps from the good app store that everyone uses for apps.

  3. THERE WILL BE CONSEQUENCES NAZI FAGGOT KEN DOLL by Anonymous Coward · · Score: 0

    THERE WILL BE CONSEQUENCES FOR YOUR LIES NAZI FAGGOT KEN DOLL

    Filter error: Don't use so many caps. It's like YELLING. Filter error:

  4. Who gives a shit? by Anonymous Coward · · Score: 0

    Go fuck yourselves, stupid cunts.

  5. Re: THERE WILL BE CONSEQUENCES NAZI FAGGOT KEN DOL by Anonymous Coward · · Score: 0

    You're a nazi faggot ken doll. And so is your mother.

  6. When a product by AHuxley · · Score: 1

    is made totally safe for ads then malware just has to look like an approved service :)
    Good security can't keep allowing approved ads in and still keep a user safe.

    When building a great new OS, browser keep security in mind, not how to keep access for ads.

    --
    Domestic spying is now "Benign Information Gathering"

  7. PENCE pardons Trump in 2022 FULL PARDON by Anonymous Coward · · Score: -1

    You know this will happen.

    1. Re:PENCE pardons Trump in 2022 FULL PARDON by Anonymous Coward · · Score: -1

      Wonder why he's been so quiet lately? Duh. Pence is going too. He's part of the sealed criminal indictment. NONE of these traitor faggots are getting away from Mueller at this point. Flynn rolled them all up. Traitor morons.

  8. it wuz haxx0rz by Anonymous Coward · · Score: 0

    wif de hax, in ur br0ws4r. URA HAXX0RED NA0!!!1!

  9. Shame on Slashdot for allowing this spam by Anonymous Coward · · Score: 0

    Whipslash and the other editors should be ashamed for allowing this spam to continue. This goes beyond a heated argument, since this spam has been ongoing for weeks. It's for the sole purpose of disrupting discussion on this site, which is why it's being posted even in articles where SuperKendall hasn't commented. Slashdot is aware of this behavior because it's blatant, highly persistent, and has been brought to their attention by flagging these posts as abuse. It is a complete and utter embarrassment that, after weeks of flagrant abuse like this, Slashdot allows it to continue unchecked. Perhaps they'll take notice when the remaining adults move on to more civilized places and only trolls are left in the comments.

  10. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  11. Are you protected yet? by Anonymous Coward · · Score: 0

    Because I think Google needs to do away with extensions entirely. The only code that Chrome needs to run is that which is approved and written by Google only. Anything less is a blatant disregard for the safety of the internet and its users everywhere.

    /sarcasm

    INB4 People who know nothing about computer security start posting the above demands.

  12. THERE WILL BE CONSEQUENCES NAZI FAGGOT KEN DOLL by Anonymous Coward · · Score: 0

    THERE WILL BE CONSEQUENCES FOR LIES NAZI FAGGOT KEN DOLL. DON'T LIKE IT? TOO LATE. THERE WILL BE CONSEQUENCES FOR YOUR ENTIRE FAMILY YOU LYING NAZI FAGGOT.

    Filter error: Don't use so many caps. It's like YELLING. Filter error: Don't use so many caps. It's like YELLING. Filter error: Don't use so many caps. It's like YELLING.

  13. Home Faraday cages will be popular... by Anonymous Coward · · Score: 0

    Maybe!? Or just a Faraday box near the front door.

  14. tainted extensions by Anonymous Coward · · Score: 0

    welcome to the new monoculture.

  15. Who wrote this summary? by Anonymous Coward · · Score: 0

    "an APT (Advanced Persistent Threat -- an industry term for nation-state hacking groups)"
    Hardly - an APT is a classification of malware, not of a hacker group.
    Looks like the author of this report doesn't know the term they are purporting to explain.

  16. I keep a Chrome account with no extensions... by Anonymous Coward · · Score: 0

    ...to log in to banks and other possibly sensitive websites. I do all my other browsing in a session containing ad blockers and whatnot, but keep the clean account for when I need to make sure nothing interferes with the operation of a webpage.

  17. Re:Yay! by Anonymous Coward · · Score: 0

    When building a great new OS, browser keep security in mind, not how to keep access for ads.

  18. For those too lazy to RTFA by helpfulcorn · · Score: 1

    The extension is "Auto Font Manager", a ridiculously stupid extension that I imagine if you are reading /., you don't have, because it was essentially always installed as a part of a scam. So don't freak out or anything, it's not any of the actually important extensions.