Google Chrome Attracting Hacker AttentionGoogle Chrome Attracting Hacker Attention
The good news: at a recent security conference, Google Chrome got kudos as the hardest to browser hack. The bad news: a new hack is targeting possibly overconfident Chrome users and tagging them with malware.
April 20, 2010
The good news: at a recent security conference, Google Chrome got kudos as the hardest to browser hack. The bad news: a new hack is targeting possibly overconfident Chrome users and tagging them with malware.The Pwn2own hacking competition at last month's CanSecWest named Google Chrome as the toughest to hack of four browsers -- the others were Microsoft Internet Explorer 7, Mozilla Firefox 3, Apple Safari 4 (Firefox and IE7 were tested on XP systems, Safari on OSX).
Toughest in the competition, but not invulnerable: a Chrome-targeting trojan is now making the rounds.
The link in the e-mail is a redirect, of course, one that lands the user on a fake Chrome extensions page, from which malware is downloaded that cuts the user off from Google (and Yahoo).
Instead of being able to reach Google or Yahoo proper, users are further redirected to phony, malware-laden sites.
Tipoff to the scam is the initial download's use of a .exe extension, whereas legit Chrome extensions are .crx
The fact that the crooks are making an effort to target Chrome indicates that they perceive critical -- and thus profitable -- mass building for the browser.
Which makes it critical that if any of your users are running Chrome, make sure they're aware of the attack and its characteristics.
Make sure as well that they know that Chrome, while plenty tough, isn't impervious to attacks.
About the Author(s)
You May Also Like
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023